RE: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow.
- To: bporter@xxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxx, kf_lists@xxxxxxxxxxxxx
- Subject: RE: [Full-Disclosure] Microsoft's Explorer and Internet Explorer long share name buffer overflow.
- From: psz@xxxxxxxxxxxxxxxxx (Paul Szabo)
- Date: Thu, 29 Apr 2004 08:58:46 +1000 (EST)
Tested on W2kSP4 (right-click MyComputer, Properties):

    Microsoft Windows 2000
    5.00.2195
    Service Pack 4

with IE6 (and noting that W2kSP3 behaved identically).
Going to StartMenu > Run > \\hostname behaves sensibly, showing all
shares; clicking on the long one says "The network name cannot be found".
However, going to StartMenu > Run > \\IP.address crashes explorer:

    Program Error
    explorer.exe has generated errors and will be closed by Windows.
    You will need to restart the program.
    An error log is being created.
    [Cancel]

(then explorer re-starts automatically and the button changes to [OK]). I
cannot see an EIP=41414141 (or 00410041) in file drwtsn32.log (in
C:\Documents and Settings\All Users\Documents\Dr Watson), but maybe it is
not telling the truth (or maybe I needed \\IP.address\sharename?).
Anyway, http://support.microsoft.com/?kbid=322857 lies when it says this is
fixed in W2kSP4; or maybe that KB article refers to a different problem: it
says the error should be "Access Violation", I got "Program Error".
Cheers,
Paul Szabo - psz@xxxxxxxxxxxxxxxxx http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics University of Sydney 2006 Australia
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html