Exploit Rit Research Labs The Bat! 1.53 - Microsoft Denial of Service Device Name Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
21307
Проверка EDB
  1. Пройдено
Автор
3APA3A
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2002-0338
Дата публикации
2002-02-27
Код:
source: https://www.securityfocus.com/bid/4187/info

The Bat! is an e-mail client for Microsoft Windows operating systems.

A problem occurs with The Bat! when it is configured to save attachments seperately from the body of a message. It is possible to include a MS-DOS device name (such as CON, AUX, PRN, etc.) in the filename of the attachment to cause a denial of service to an e-mail client with this configuration.

This appears to be an issue with The Bat! version 1.53d. Earlier versions do not appear to be affected.

bash-2.03$ sendmail -U [email protected]
From: test
To: test
Content-Type: apllication/exe; name=lpt1

Test
 
Источник
www.exploit-db.com

Похожие темы