Home page logo
/

bugtraq logo Bugtraq mailing list archives

Old (and fixed) Windows bug - was Re: BPM STUDIO PRO 4.2 DOS DEVICE PATH VULNERABILITY
From: Alun Jones <alun () texis com>
Date: Wed, 27 Feb 2002 18:03:17 -0600

At 04:00 AM 2/27/2002, ][-][UNTER wrote:
BPM STUDIO PRO 4.2 is one of the most famous mp3 mixer and player and it has
an http server implementation for manage the player via the web browser.

Unfortunatly, when you perform a simple http request like:
http://BPM-HOST/con/con
you can crash instantly non-patched Win9x host with a simple Blue Screen !!

This old chestnut again?

This is an _operating_system_ issue. There's very little that an app could do, even if it wanted to, to protect against this particular crash.

As noted, there is a patch out there for vulnerable operating systems - why are we still seeing this reported as an application bug?

Alun.
~~~~

--
Texas Imperial Software   | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place   | http://www.wftpd.com or email alun () texis com
Cedar Park TX 78613-1419  | VISA/MC accepted.  NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for NT.


  By Date           By Thread  

Current thread:
  • Old (and fixed) Windows bug - was Re: BPM STUDIO PRO 4.2 DOS DEVICE PATH VULNERABILITY Alun Jones (Mar 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault