
Full Disclosure mailing list archives

Re: zepcom001
From: Leif Ericksen <leife () dls net>
Date: Sat, 04 Feb 2006 09:29:01 -0600

HUMMM To me that looks like a binary file being sent to the printer or
lp or lpd device...  Normally it is a bad idea to send binary files to
the printers because they do not know how to deal with such files.
Security risk maybe.  Just means you have stupid users if they are going
to send binaries to a printer.  After all it will cause maybe one or two
lines of junk to be printed if not the entire page, and maybe even so
much junk that it makes the printer run out of paper.  Kill the job,
reset the printer, wait for next stupid user.

rather than using /ntldr or /kernel 
build your own binary and print it.

On Sat, 2006-02-04 at 06:29 +0100, zepcumzepcum () hushmail com wrote:




zepcom-001.txt
Hello dear readers and welcome to our first advisory!
we have found a resource exhaustion bug in notepad and associated
resources.
if u have a printer and u type start and run and type notepad and
then you type
NOTEPAD.EXE /P C:\NTLDR and not make mutex_a to prevent deadlock
then your PRINTER will run OUT of PAPER! this is bad!!
This is a serious resource starvation of big company if they print
bills
or other important papers. This has been verified on:

windows NT ( UNTESTED )

windows 2000 sp0
windows 2000 sp1
windows 2000 sp2
windows 2000 sp3
windows 2000 sp4
windows 2000 sp5
windows 2000 sp6

windows XP sp0
windows XP sp1
windows XP sp2
windows XP sp3

AND OPEN SOURCE ALSO HAS PROBLEM WITH CAT
IF you use cat and feed to telnet and port 90+00 of
print server and put to /kernel then you can kill the printer!
This can be very serious flaw for big billing company

-- 
Leif Ericksen <leife () dls net>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

