mailing list archives
Re: question regarding CAN-2004-0930
From: "evil" <evilninja () gmx net>
Date: Thu, 18 Nov 2004 01:12:57 +0100
On Wed, 17 Nov 2004 17:49:12 -0600, Paul Schmehl wrote
When you do an "ls", you are making a call that the *os* has
to respond to. The os is *not* vulnerable, so it (properly)
rejects the request as malformed.
i think i get it now. as someone else explained is "wildcard expansion"
also an issue here. so the (linux) os responds, before the smbd could
even notice the call.
Hopefully that makes more sense to you.
yes, thank you.
BOFH excuse #433:
error: one bad user found in front of screen
Full-Disclosure - We believe in it.