Securax Security Advisory: Windows98 contains a serious buffer overflow with long filenameextensions.

===================================================================== Securax-SA-02 Security Advisory belgian.networking.security Dutch ===================================================================== Topic: Ms Windows '95?/'98/SE explorer.exe causes a buffer overflow with long filename...

scx-sa-02.txt

===================================================================== Securax-SA-02 Security Advisory belgian.networking.security Dutch ===================================================================== Topic: Ms Windows '95?/'98/SE explorer.exe causes a buffer overflow with long filename...

Microsoft Windows Server 20009598NT 4.0 - Long Filename Extension

Microsoft Windows Server 20009598NT 4.0 - Long Filename Extension // source: https://www.securityfocus.com/bid/1259/info Windows 95, 98, NT and 2000 suffer from a number of related buffer overflows that can result in a crash if a filename with an extension longer than 128 characters is accessed...

Microsoft Windows Server 2000/95/98/NT 4.0 - Long Filename Extension

// source: https://www.securityfocus.com/bid/1259/info Windows 95, 98, NT and 2000 suffer from a number of related buffer overflows that can result in a crash if a filename with an extension longer than 128 characters is accessed. Although arbitrary code could be executed via this manner, it woul...

Microsoft FrontPage 98 Server Extensions for IIS Microsoft InterDev 1.0 - Filename Obfuscation

Microsoft FrontPage 98 Server Extensions for IIS Microsoft InterDev 1.0 - Filename Obfuscation source: https://www.securityfocus.com/bid/1108/info Two dlls dvwssr.dll and mtd2lv.dll included with the FrontPage 98 extensions for IIS and shipped as part of the NT Option Pack include an obfuscation...

PT-2000-1256 · Linux · Linux

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue allows attackers to cause a denial of service by accessing a file or directory with a long name. Recommendations: At the moment, there is no information about a newer version that...

Microsoft IIS 4.0 - Pickup Directory Denial of Service

source: https://www.securityfocus.com/bid/1819/info An email with a filename consisting of over 86 characters and an extension of .txt.eml will cause Microsoft IIS to crash if placed in the \mailroot\pickup directory. The process inetinfo.exe will crash, resulting in a Dr. Watson access violation...

SSH Communications Security SSH 1.2.27 - Authentication Socket File Creation

SSH Communications Security SSH 1.2.27 - Authentication Socket File Creation source: https://www.securityfocus.com/bid/660/info A vulnerability in SSH's creation of the authentication agent UNIX domain socket allows local users to create a UNIX domain socket with an arbitrary file name in the...

icq-hidden-files.txt

Date: Fri, 1 Jan 1999 14:20:34 +1100 From: Justin Clift To: [email protected] Subject: Win32 ICQ 98a flaw Hello everyone, A while ago I found a flaw in ICQ which I believe to be fairly serious and asked whom to notify. Thanks for everyone's assistance in this. :- I notified Mirabilis and they...

win98explorer.txt

Date: Mon, 9 Feb 1998 17:49:45 -0800 From: Scott To: [email protected] Subject: Another Windows98 Bug... I'm not sure about the details of this problem, but when testing another buffer overflow, I created a long filename called "testfile.txt " note the chr160's at the end It is 235 characters ...

nt.explorer.DoS.txt

Date: Thu, 11 Feb 1999 11:25:01 -0800 From: Clifford Hammerschmidt To: [email protected] Subject: NT too? Re: Another Windows98 Bug... The following perl script will create a 250 character file that will crash WinNT service pack 3 explorer when right-clicked on: -------------------- $fn = 'A' ...

nt4+sp4.filename.length.txt

Bug in WinNT 4.0 SP4 Alvaro Gilabert [email protected] Mon, 19 Apr 1999 15:15:36 +-200 Hi, I supose it is a bug and I will explain why do I think so You can exceed the limit in the number of chars allowed in a filename. WinNT does allow it. You can move a folder to a deeper one exceeding it. But,...

eudora.attachment.bof.txt

Date: Sat, 20 Mar 1999 02:21:35 -0500 From: whiz To: [email protected] Subject: Eudora Attachment Buffer Overflow I have found another problem with Eudora, attachments, and long filenames that is similar to the the problem I found last year. If two messages are sent to an Eudora 4.1 user that...

mirc-hidden-files.txt

Date: Sat, 2 Jan 1999 06:15:04 -0500 From: Locke Nash Cole To: [email protected] Subject: Re: Win32 ICQ 98a flaw You can also do this in the popular mIRC IRC Client, althou it has no "Open" option so there is a less chance of the person running it, however in explorer "mypic..bmp .exe" Kinda...

microsoft.wildcard.matches.txt

Date: Mon, 14 Jun 1999 09:46:41 +0200 From: BROWN Nick Subject: Unwanted wildcard match I don't normally like to present individual bugs as RISKs, but this one just bit me and is so counter-intuitive that I felt I had to report it. It appears that when Windows NT and, I imagine, other...

SmartDesk WebSuite 2.1 - Remote Buffer Overflow

SmartDesk WebSuite 2.1 - Remote Buffer Overflow source: https://www.securityfocus.com/bid/278/info A buffer overflow vulnerability in SmartDesk WebSuite 2.1 allows malicious remote users to crash the server, and may at worst allow them to execute arbitrary code. WebSuite 2.1 will crash when the...

CVE-1999-1440

Win32 ICQ 98a 1.30, and possibly other versions, does not display the entire portion of long filenames, which could allow attackers to send an executable file with a long name that contains so many spaces that the .exe extension is not displayed, which could make the user believe that the file is...

Exim Buffer 1.6.21.6.51 - Local Overflow

Exim Buffer 1.6.21.6.51 - Local Overflow / source: https://www.securityfocus.com/bid/1859/info A potential local root yielding buffer overflow vulnerability exists in Exim mail client version 1.62. A buffer used in processing filenames of message attachments can be overflowed by a...

Exim Buffer 1.6.2/1.6.51 - Local Overflow

/ source: https://www.securityfocus.com/bid/1859/info A potential local root yielding buffer overflow vulnerability exists in Exim mail client version 1.62. A buffer used in processing filenames of message attachments can be overflowed by a maliciously-formed filename. As a result, the excessive...

GNOME's Eye Of Gnome incorrect file name handling

Advisory ID Internal CORE-2003-0304-03 Bugtraq ID: 7121 CVE Name: CAN-2003-0165 CERT: VU363001 Title: GNOME's Eye Of Gnome incorrect file name handling Class: Input validation error Remotely Exploitable: No Locally Exploitable: Yes Vendors contacted: Eye Of Gnome . CORE Notification: 2003-03-14...