[14347] in bugtraq
Re: con\con is a old thing (anyway is cool)
daemon@ATHENA.MIT.EDU (Bernd Luevelsmeyer)
Mon Mar 20 05:45:54 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <38D228EB.2EF72077@heitec.net>
Date: Fri, 17 Mar 2000 13:45:31 +0100
Reply-To: Bernd Luevelsmeyer <bernd.luevelsmeyer@HEITEC.NET>
From: Bernd Luevelsmeyer <bernd.luevelsmeyer@HEITEC.NET>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Oliver Friedrichs wrote:
[...]
> For example, you can create known devices with random extensions over
> a file share, com1.1 com1.2 com1.3 com1.4, and you cannot remove them
> locally. It's probably a good thing that the CIFS layer doesn't
> provide direct access to these devices, otherwise an anonymous share
> could open up a number of other security issues.
The file can be removed if you write the filename in a way that parsing
doesn't recognize it as "special". Use a prefix of "\\.\" for example.
E:\temp>dir *nul*
File Not Found
E:\temp>echo test > nul:#
E:\temp>dir *nul*
00-03-17 13:29 0 nul
E:\temp>del nul
The system cannot find the path specified.
E:\temp> del nul:
The system cannot find the path specified.
E:\temp>del \\.\e:\temp\nul
E:\temp>dir *nul*
File Not Found
