[10733] in bugtraq
Re: Windows NT 4.0, 95, 98 (?) networked PRN flaw
daemon@ATHENA.MIT.EDU (Terry Milnes)
Sun Jun 6 15:45:52 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <375ACAC9.3FC985C9@interface.on.ca>
Date: Sun, 6 Jun 1999 15:23:53 -0400
Reply-To: Terry Milnes <tez@INTERFACE.ON.CA>
From: Terry Milnes <tez@INTERFACE.ON.CA>
X-To: "STEVENS, Eric" <Eric.Stevens@RP-RORER.COM>
To: BUGTRAQ@NETSPACE.ORG
Eric,
You can however rename the file the same way you created it,
and then delete it in any manner you would normally do.
NT Server 4.0 sp4
> Now the flaw:
> Although you cannot create a local file whose name is PRN, you can,
> however, jump onto a networked server (suppose it's name is
> \\whatever) and create (in any directory that you have creatable
> permissions) any file or directory named PRN.xxx (again, xxx stands
> for any extension). The server must be accessed by it's \\ notation,
> you cannot do this if you map \\whatever\anydir to a drive (such as
> w:), then go to w:\ and try to create the file, in that case your
> machine's name parser blocks you.
>
