Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

nt.explorer.DoS.txt

🗓️ 17 Aug 1999 00:00:00Reported by Packet StormType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 29 Views

Windows NT Explorer can crash by creating a 250-character file with a long filename.

Code
`Date: Thu, 11 Feb 1999 11:25:01 -0800  
From: Clifford Hammerschmidt <[email protected]>  
To: [email protected]  
Subject: NT too? Re: Another Windows98 Bug...  
  
The following perl script will create a 250 character file that will crash  
WinNT (service pack 3) explorer when right-clicked on:  
--------------------  
$fn = 'A' x 250;  
open (FH,">$fn") or die ":$!\n";  
print FH "it worked?";  
close FH;  
--------------------  
  
You may have to create the file inside a subdirectory. I think what is  
happening here is the path+filename exceeds MAX_PATH.  
  
To delete the file drop to a command window and delete it using it's  
shortname (dir /X will display shortnames).  
  
At 05:49 PM 2/9/98 -0800, you wrote:  
>>>>  
I'm not sure about the details of this problem, but when testing another  
buffer overflow, I created a long filename called "testfile.txt  
  
  
"  
(note the chr(160)'s at the end) It is 235 characters in length. After  
creating it on my desktop, I right clicked on it; explorer crashed saying  
it caused an illegal operation. the only way I found to close this was by  
using command.com I sent this to a friend and he got the same error.  
  
-Scott Campbell (<mailto:[email protected]>[email protected])  
  
<<<<  
  
-----------------------------------------------------------------------------  
  
Date: Fri, 12 Feb 1999 09:53:00 -0000  
From: Jensen Allan AJE <[email protected]>  
To: [email protected]  
Subject: Re: Another Windows98 Bug...  
  
Scott (10-02-98 01:49):  
>I'm not sure about the details of this problem, but when testing another  
buffer overflow, I created a long filename called "testfile.txt  
"  
>(note the chr(160)'s at the end) It is 235 characters in length. After  
creating it on my desktop, I right clicked on it; explorer crashed saying it  
caused an illegal operation. the only way I found to close this was by using  
command.com I sent this to a friend and he got the same error.  
  
I tried the same under Windows NT 4 Workstation SP3, except the file name  
length was only 225 bytes, called "hello.txt(lots of spaces)(chr(160))", and  
Explorer crashed as well here.  
  
It seems to be an Explorer-only bug, as no other application I've tried went  
down.  
  
Oh well, another buffer overflow..  
  
_______________________________________________________________________  
Allan Jensen Scientific Atlanta Arcodan A/S Phone +45 73122150  
System Administrator Augustenborg Landevej 7 Direct +45 73122154  
IT-Support DK-6400 Sonderborg Fax +45 74423907  
[email protected] http://www.arcodan.com  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4
windows ntexplorer crashbuffer overflowlong filenameillegal operationfile deletion.
29