Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

windows-FAT-recursion.txt

🗓️ 17 Aug 1999 00:00:00Reported by xmType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 37 Views

Windows FAT file system susceptible to denial of service via recursive directory creation.

Code
`Windows FAT Filesystem Advisory  
  
  
It appears that Windows' FAT file system can be messed up by creating a long enough series of recursive  
directories. After a certain point is reached, directories cannot be deleted. Because each directory added to the file  
allocation takes up a certain amount of space, this can be considered a denial of service attack against the Windows  
filesystem, allowing a user able to create directories to consume disk space. Microsoft's scandisk does not correct  
this problem (do any commercial products?). Windows cannot delete the directory, claiming it is in use. And running  
deltree against it seems to hang the system. So better lock down that anonymous ftp upload directory!   
  
I fired this off in 20 minutes after discovering a clever script I made messed up my filesystem. I'm sure I have  
made a few technical errors and would love corrections. I would appreciate any specific observations about behavior  
of this on various filesystems and platforms, and any workarounds or fixes found. If you find anything or just want  
to comment email xm <[email protected]>. And be sure to check out our main site <http://GeekMafia.dynip.com/>!   
  
Sample Code (pissy.bat)   
  
mkdir y  
cd y  
C:\pathto\pissy.bat   
  
  
  
fatalert.shtml modified Friday, 05-Feb-1999 22:39:02 EST [email protected] Copyright 1998, 1999 Geek  
Mafia and xm. They may be redistributed freely at no cost in its original form.   
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4
fat file systemdenial of servicerecursive directoriesdirectory deletion issuesystem hangsecurity exploit.
37