mailing list archives
Old (and fixed) Windows bug - was Re: BPM STUDIO PRO 4.2 DOS DEVICE PATH VULNERABILITY
From: Alun Jones <alun () texis com>
Date: Wed, 27 Feb 2002 18:03:17 -0600
At 04:00 AM 2/27/2002, ][-][UNTER wrote:
BPM STUDIO PRO 4.2 is one of the most famous mp3 mixer and player and it has
an http server implementation for manage the player via the web browser.
Unfortunatly, when you perform a simple http request like:
you can crash instantly non-patched Win9x host with a simple Blue Screen !!
This old chestnut again?
This is an _operating_system_ issue. There's very little that an app could
do, even if it wanted to, to protect against this particular crash.
As noted, there is a patch out there for vulnerable operating systems - why
are we still seeing this reported as an application bug?
Texas Imperial Software | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place | http://www.wftpd.com or email alun () texis com
Cedar Park TX 78613-1419 | VISA/MC accepted. NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for NT.
- Old (and fixed) Windows bug - was Re: BPM STUDIO PRO 4.2 DOS DEVICE PATH VULNERABILITY Alun Jones (Mar 01)