Stop Microsoft
All Things Microsoft => Microsoft Software => Topic started by: Calum on 24 May 2002, 14:58
-
so, I thought that this page (http://www.securax.org/pers/scx-sa-01.txt)was worth of a mention here, and i would even suggest that it get kept in the feature articles section (along with that great rant from a few days ago in the unix section). I'm sure people can think of an easy way to put this to good use.
quote:
I. Background
Local and Remote users can crash Windows '98 systems using special
crafted path-strings that refer to device drivers being used.
Upon parsing this path the Ms Windows OS will crash leaving no
other option but to reboot the macine. With this all other running
applications on the machine will stop responding.
NOTE:
This is not a bug in Internet Explorer, FTPd and other
webserver software running Win95/98. It is a bug in the Ms
Windows kernel system, more specific in the handling of the device
drivers specified in IO.SYS, causing this kernel meltdown.
[ May 24, 2002: Message edited by: Calum ]
-
isnt there any programs in windows that need the IO.sys?
-
nope... none at all :rolleyes:
-
if you create a link to /dev/null it just says file not found in mozilla.
[ May 25, 2002: Message edited by: Master of Reality ]
-
it will work in linux if you make a hyperlink to it. click, netscape should crash (http://file://c:\nul\nul)
-
yes, but can you crash the whole operating system?
Also, a new development, the microsoft site says that any problems caused by the c:/con/con bug can be eliminated by simply restarting the machine. Interesting then that i have since seen several sites that warn that you can destroy your vfat filesystem completely just by accessing a "restricted" device name like this in windows or DOS. Now since this bug only affects win9x, that means that all filesystems attached to those OSs are vfat. So they can all be fucked. There is a patch which eliminates this problem, but it is dated 2000. I think that is pretty poor since the actual bug has been present since windows 95.
Now, how do we go about pulling the same thing off in NT/2000/XP?
-
Since when does that crash Netscape in Linux? I think you are on some mind altering drugs...
-
It crashes netscape 4.X at least... I was at school today telling people to go to my site and click a link to the bug, and it crashed the shcool computers which were running win95 with netscape 4.6
-
But you said in your earlier post that it would crash netscape on Linux. I find that hard to believe. I just tried opening /dev/null in Netscape 4.79 in Linux and it just says "document contains no data".
-
what crashes netscape in win*? the null thing? or the con thing?
also, i too with my limited knowledge find it difficult to believe that netscape and linux would crash in this way...