Full Disclosure mailing list archives
Re: question regarding CAN-2004-0930
From: Paul Schmehl <pauls () utdallas edu>
Date: Tue, 16 Nov 2004 12:16:23 -0600
--On Tuesday, November 16, 2004 03:16:44 PM +0100 Christian Kujau <evil () g-house de> wrote:
Because in the former case you were attempting to access a file through the daemon. In the latter, you were attempting to access a file through a unix utility. The former (smbd) is vulnerable. The latter (ls) apparently is not."ls" returned *instantly* with "No such file or directory" and smbd did not go crazy. now i ask myself: how comes?
Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- question regarding CAN-2004-0930 Christian Kujau (Nov 16)
- Re: question regarding CAN-2004-0930 Paul Schmehl (Nov 16)
- Re: question regarding CAN-2004-0930 Christian (Nov 16)
- Re: question regarding CAN-2004-0930 upb (Nov 16)
- Re: question regarding CAN-2004-0930 Paul Schmehl (Nov 17)
- Re: question regarding CAN-2004-0930 evil (Nov 17)
- Re: question regarding CAN-2004-0930 Christian (Nov 16)
- Re: question regarding CAN-2004-0930 Paul Schmehl (Nov 16)
- <Possible follow-ups>
- question regarding CAN-2004-0930 evilninja (Nov 16)
- RE: question regarding CAN-2004-0930 Castigliola, Angelo (Nov 16)
- Re: question regarding CAN-2004-0930 Rob klein Gunnewiek (Nov 17)
- Re: question regarding CAN-2004-0930 Christian (Nov 17)
- Re: question regarding CAN-2004-0930 Rob klein Gunnewiek (Nov 17)