mailing list archives
From: Leif Ericksen <leife () dls net>
Date: Sat, 04 Feb 2006 09:29:01 -0600
HUMMM To me that looks like a binary file being sent to the printer or
lp or lpd device... Normally it is a bad idea to send binary files to
the printers because they do not know how to deal with such files.
Security risk maybe. Just means you have stupid users if they are going
to send binaries to a printer. After all it will cause may one or two
lines of junk to be printed if not the entire page, and maybe even so
much junk that it makes the printer run out of paper. Kill the job
reset the printer wait for next stupid user.
rather than using /ntldr or /kernel
build your own binary and print it.
On Sat, 2006-02-04 at 06:29 +0100, zepcumzepcum () hushmail com wrote:
Hello dear readers and welcome to our fist advisory!
we have found a ressurse exarstion bog in notepad and assosiated
if u have a printer and u type start and run and type notepad and
then you type
NOTEPAD.EXE /P C:\NTLDR and not make mutex_a to prevent dedflock
then your PRINTER will run OUT of PAPER! this is bad!!
This is a serrius ressurse starvation of big company if they print
or other important papers. This has been veriffied on:
windows NT ( UNTESTED )
windows 2000 sp0
windows 2000 sp1
windows 2000 sp2
windows 2000 sp3
windows 2000 sp4
windows 2000 sp5
windows 2000 sp6
windows XP sp0
windows XP sp1
windows XP sp2
windows XP sp3
AND OPEN SOURC EALSO HAS PROBLEM WITH CAT
IF you use cat and feed to telnet and port 90+00 of
print server and put to /kernel then you can kill the printer!
This can be very serius flav for big billing company
Leif Ericksen <leife () dls net>
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/