[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Shortcut...... may cause 100% cpu use!!!
- To: Bipin Gautam <door_hUNT3R@blackcodemail.com>
- Subject: Re: [Full-Disclosure] Shortcut...... may cause 100% cpu use!!!
- From: Tim <tim-security@sentinelchicken.org>
- Date: Thu, 30 Oct 2003 07:14:14 -0800
On Thu, Oct 30, 2003 at 06:02:41AM -0800, Bipin Gautam wrote:
>
> --[Effected]--
> The exploit has been tested in WINDOWS xp
>
> --[Description]--
> Running a specially crafted "shortcut" that points to itself! IF executed
> through 'Windows Explorer' or IE may cauze 100% cpu use... THAT CAN LEAD
> TODoS in the victim.
>
>
>
> --[Simple! proof of concept]--
> http://www.geocities.com/visitbipin/shortcut.zip
>
> [Note: You *may* have to RUN the 'shortcut' few* time's to have a effective
> 100% CPU use...]
>
>
> EXTRACT this file and copy it to c:\ [root] and double click IT... or open
> it through IE after copying it in c:\
>
>
>
>
> PS: Anyone willing to craft* it for IIS (O;
>
> --[credit]--
> Bipin Gautam (hUNT3R)
I haven't looked at your shortcut file(s) yet, but it sounds like the
same as:
http://www.securityfocus.com/archive/1/315151
If you find something like this on your own, at least do a *little*
googling before reporting to a list. Else, sound like a fool. If you
are blatantly ripping off other peoples' stuff, well, shame on you.
tim
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html