[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Long url windows exploit

Subject: Re: [cobalt-security] Long url windows exploit
From: Bill Irwin <bill_irwin@xxxxxxxx>
Date: Mon, 16 Jul 2001 10:05:03 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Carrie Bartkowiak wrote:
> 
> I know this is a windows exploit, but just a heads up that I'm
> starting to get quite a few of these in my logs:
> http://my.ip.address/anydirectory/..%255c..%255c..%255c..%255cwinnt/sy
> stem32/cmd.exe?/c+dir
> 
> and also the same type of URL without the /c+dir at the end.
> 
> Sometimes I'm just happy that these are windows exploits, really...
> :)
> --
> Carrie Bartkowiak, ravencarrie@xxxxxxxx on 07/16/2001
> 

Explains why I'm starting to change over my home machines to linux just
like I have at work. I like not having to worry about crappy security
implementations in windows. Its also SOOOOOOO nice to work all day and
not have my machine crashing or getting the Blue Screen of Death (BSOD).
In fact my current uptime on my work machine is  10:02am  up 17 days,
16:17, and it would have been more like a month and half if I hadn't
switched back to mouse from the trackball. =)

-- 
Bill Irwin
Technical Support Engineer
Sun Microsystems, Inc.

Follow-Ups:
- Re: [cobalt-security] Long url windows exploit
  - From: shimi

References:
- [cobalt-security] Long url windows exploit
  - From: Carrie Bartkowiak

Prev by Date: Re: [cobalt-security] Copied from securiteam.com: Apache '?' Configuration Bug (List content)
Next by Date: [cobalt-security] Reported Security Problem
Previous by thread: [cobalt-security] Long url windows exploit
Next by thread: Re: [cobalt-security] Long url windows exploit

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index