[21982] in bugtraq
RE: bug w2k
daemon@ATHENA.MIT.EDU (Steven Evans)
Sun Jul 29 04:14:07 2001
From: "Steven Evans" <steve@netwaynetworks.com.au>
To: "Carl Livitt" <carl@ititc.com>
Cc: <bugtraq@securityfocus.com>
Date: Sun, 29 Jul 2001 17:16:33 +1000
Message-ID: <OEEMLACBMJFGAIMFMMEEKEJNCLAA.steve@netwaynetworks.com.au>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
In-Reply-To: <OEEMLACBMJFGAIMFMMEEMEJGCLAA.evilguy@tig.com.au>
To me this looks like a bug that crashes the ntvdm, then corrupts the stack
until windows eventually dies with a "windows subsystem failure". Which was
the error message when I ran it on my acer laptop.
The reason the other computers reboot is because of an option set in
System/Advanced/Startup and Recovery/Automatically Reboot.
Cheers,
Steve
-----Original Message-----
From: Carl Livitt [mailto:carl@ititc.com]
Sent: Saturday, July 28, 2001 8:25 PM
To: bugtraq@securityfocus.com
Subject: Re: bug w2k
Does anyone know: is the F7 key (used in CMD.EXE as to bring up a
most-recently-used command list) implemented in kernel or user space? If its
in user space, then this is a doubly worrying bug as it hints that it would
be possible for a non-privileged user to write code that could cause a BSOD
and reboot. If it's in kernel space, well I just hope that this situation is
not caused by an unchecked buffer....
