mailing list archives
question regarding CAN-2004-0930
From: Christian Kujau <evil () g-house de>
Date: Tue, 16 Nov 2004 15:16:44 +0100
-----BEGIN PGP SIGNED MESSAGE-----
don't know if this is the right place to ask, but here it goes:
i was notified by one of my users (!) about the recent samba vulnerability
(CAN-2004-0930 ) that this is indeed easily "exploitable" by just
issuing commands with long wildcard-patterns in the filename part, just as:
<smb-share>:\> dir ******.exe
ok, my smbd went crazy and the "dir" command was waiting for the result.
but: when i mounted the smb-share under linux (mount -t smbfs ....) and
$ ls /mnt/smb-share/*******.exe
"ls" returned *instantly* with "No such file or directory" and smbd did
not go crazy. now i ask myself: how comes?
thank you for comments,
BOFH excuse #120:
we just switched to FDDI.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Full-Disclosure - We believe in it.
- question regarding CAN-2004-0930 Christian Kujau (Nov 16)