[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Serious Windows TCP/IP Security Hole (fwd)

To: [email protected]
Subject: Re: Serious Windows TCP/IP Security Hole (fwd)
From: Rich Graves <[email protected]>
Date: Wed, 4 Oct 1995 16:59:03 -0700 (PDT)

---------- Forwarded message ----------
Date: Sat, 30 Sep 1995 02:03:58 -0700 (PDT)
From: Rich Graves <[email protected]>
To: Ken Simler <[email protected]>
Subject: Re: Serious Windows TCP/IP Security Hole (fwd)

This doesn't work for you? Please get back to me if you figure it out. 
I'd like to document the problem accurately.

-rich

---------- Forwarded message ----------
Date: Thu, 28 Sep 95 23:45:49 -0400
From: Mark Thornton <[email protected]>
To: [email protected]
Newgroups: comp.os.ms-windows.win95.misc,
    comp.os.ms-windows.networking.windows,
    comp.os.ms-windows.networking.tcp-ip
Subject: Re: Serious Windows TCP/IP Security Hole

I can confirm that the complete(floppy) version of Windows 95 
STILL has the ../ bug ;-( The ... bug has been fixed correctly 
returning the following message
chkpath: ERRDOS - ERRbadpath (Directory invalid.)
But cd ../ WILL put you in the root directory of the share
with the rights you had in the intial directory. Very bad...
I've had to share all my drives read-only until the problem 
gets fixed.

Prev by Date: Re: Serious Windows TCP/IP Security Hole (fwd)
Next by Date: McNeil Lehrer on Net Insecurity
Prev by thread: Re: Serious Windows TCP/IP Security Hole (fwd)
Next by thread: McNeil Lehrer on Net Insecurity
Index(es):
- Date
- Thread