Re: [Full-Disclosure] EEYE: Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability

From: bipin gautam (visitbipin_at_yahoo.com)
Date: 10/14/04

  • Next message: Luke Macken: "[Full-Disclosure] [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities" 
    To: Derek Soeder <dsoeder@eeye.com>
Date: Thu, 14 Oct 2004 06:56:42 -0700 (PDT)

    >---Description---
    >Win xp default zip manager can't handle long file
    names properly...
    >
    >---Bug Demonstration---
    >Create a new file with very long file name... in your
    c: [ say:
    >1.111111111111111111111111111111111111111111111111111111111111111111111111
    >11111111111111111111111111111111111111111111111111111111111111111111111111
    >11111111111111111111111111111111111111111111111111111111111111111111111111
    >11111111111111111111111111111 ]
    >
    >[or, download]
    http://www.geocities.com/visitbipin/zip_long.zip
    >
    >Windows xp will easily allow you to create that file,
    now zip the file [
    >above mentioned ie 1.11111111111111111111* ] using
    winxp default zip
    >manager, [say, the new file created is 1.zip]
    >But strangely, if you open the file [1.zip] with
    windows explorer [ie
    >view it's content] You can neither see a file name
    nor its extension in
    >the archive but simply its icon only!
    >
    >Moreover, windows xp doesn't allow you to delete the
    long file created in
    >the above example, through GUI mode [...have to use
    command prompt] and
    >end up with an error Can't delete 1 : The folder is
    empty. [actually its
    >a file!]

    http://www.securityfocus.com/archive/1/336994

    *appaulse*

    before, microsoft discarded this report as a
    non-security issue. Maybe, my english was too poor at
    that time.

                    
    __________________________________
    Do you Yahoo!?
    Yahoo! Mail Address AutoComplete - You start. We finish.
    http://promotions.yahoo.com/new_mail

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Luke Macken: "[Full-Disclosure] [ GLSA 200410-12 ] WordPress: HTTP response splitting and XSS vulnerabilities"

    Relevant Pages

    • Re: How to uninstall IE6 for XP
      ... I had disabled the Yahoo popup blocker, ... How to Reinstall or Repair Internet Explorer and Outlook Express in Windows ... you cannot 'uninstall' IE if you have Windows XP. ... >> something like Yahoo Companion, Google toolbar, MSN toolbar, a>> firewall, ...
      (microsoft.public.windows.inetexplorer.ie6.browser)
    • Re: Microsoft geht es immer schlechter
      ... Was interessiert mich die Bewertung von Managern, ... und 40 Milliarden US$ für die Übernahme von Yahoo fallen auch nicht ... Mit dem aktüllen Windows Vista ...
      (de.comp.advocacy)
    • Re: Error message 0x800CCC0f
      ... So it maybe some issue with that ver of windows. ... I got a hold of a tech from AT&T Yahoo ... patch to fix port 465 I didn't find one. ... Subject 'test', Account: 'pop.mail.yahoo.co.uk', Server: ...
      (microsoft.public.windows.vista.mail)
    • Re: IE problem: Unable to use Google , yahoo and other search bars in IE...
      ... Tell the user he/she should /only/ get his/her updates via Windows ... PA Bear: Thank You for the sites you sent; ... > checking out those hijack type sites ... >> useable except that they cannot click on the search bar on google yahoo ...
      (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
    • Re: Cant forward/send emails and log on keeps popping up
      ... Did you try Windows Mail while no antivirus was installed? ... just to forward my emails back to my yahoo account. ... Even disabling its email scanning is often not sufficient. ...
      (microsoft.public.windows.vista.mail)
    • Quantcast