RE: Long path exploit on NTFS

["Elan Hasson" <elan () daryl org>]

I've had a bit of trouble with messed up file names/paths in Windows XP Pro
(NTFS 5.1)

C:\Documents and Settings\Elan Hasson\My Documents\My Files\To
Burn\CD1\elan\compiled.org\sept11\saved_sites\Thousands' Workaday Scenario
Turned Surreal
(washingtonpost_com)_files\digest;dir=;kw=;pos=top;sz=468x60;tile=1;ord=3952
14103427214200_files\911united468x60.gif

is it. I'm unable to rename/delete/copy/paste/open the file But Explorer
says its 14.2 KB and returns a "Modified Date". I cant attach the file to
this e-mail (i just tried heheh) i can't open it in_ANY_ applications.

I'm not sure on the attachment policy of this list but i did attach the
screen shot of the properties window for this file (ntfs_fucked.JPG). If the
attachment does not go through, feel free to  email me (elan () daryl org) and
i'll be happy to send it to you.



-----------
Elan Hasson <elan () daryl org>
                AIM: apiwizard
EFNet: api\

-----Original Message-----
From: Uidam, T (Tim) [mailto:Tim.Uidam () SYD RABOBANK COM]
Sent: Monday, February 04, 2002 10:46 PM
To: 'Fleming, Diane'; 'fh () rcs urz tu-dresden de';
'bugtraq () securityfocus com'; 'hans.somers () hccnet nl'
Subject: RE: Long path exploit on NTFS


No, Mcafee 4.5.1 (scan engine 4.1.60, DAT 4.0.4184) is not vulnberable. Both
realtime scan, and manual scan worked on the deeply nested directories.

-----Original Message-----
From: Fleming, Diane [mailto:dfleming () fnni com]
Sent: Tuesday, 5 February 2002 11:50
To: 'fh () rcs urz tu-dresden de'; bugtraq () securityfocus com;
hans.somers () hccnet nl
Subject: RE: Long path exploit on NTFS


Any information as to whether or not McAfee Virus Scan 4.x has this
vulnerability?

-----Original Message-----
From: Frank Heyne [mailto:fh () rcs urz tu-dresden de]
Sent: Monday, February 04, 2002 1:15 PM
To: bugtraq () securityfocus com; hans.somers () hccnet nl
Subject: Re: Long path exploit on NTFS


On 4 Feb 2002, at 10:26, Hans Somers wrote:

> Not Vunerable:
> --------------
> *1
>  Sophos Anti-Virus v3.53

This is not true.

According to my own tests, Sophos Anti-Virus v3.53
is unable to find virii in deeply nested NTFS subdirectories on NT 4.



Frank Heyne




==================================================================
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en
is uitsluitend bestemd voor de geadresseerde. Indien u dit bericht
onterecht ontvangt wordt u verzocht de inhoud niet te gebruiken en
de afzender direct te informeren door het bericht te retourneren.
==================================================================
The information contained in this message may be confidential
and is intended to be exclusively for the addressee. Should you
receive this message unintentionally, please do not use the contents
herein and notify the sender immediately by return e-mail.


==================================================================