[24459] in bugtraq
Old (and fixed) Windows bug - was Re: BPM STUDIO PRO 4.2 DOS
daemon@ATHENA.MIT.EDU (Alun Jones)
Thu Feb 28 23:59:03 2002
Message-Id: <4.3.2.7.2.20020227180143.022463c8@208.55.91.110>
Date: Wed, 27 Feb 2002 18:03:17 -0600
To: "][-][UNTER" <lopht@tutopia.com>
From: Alun Jones <alun@texis.com>
Cc: <bugtraq@securityfocus.com>
In-Reply-To: <007501c1bf75$9eeb8ac0$4500a8c0@pepe>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
At 04:00 AM 2/27/2002, ][-][UNTER wrote:
>BPM STUDIO PRO 4.2 is one of the most famous mp3 mixer and player and it has
>an http server implementation for manage the player via the web browser.
>
>Unfortunatly, when you perform a simple http request like:
>http://BPM-HOST/con/con
>you can crash instantly non-patched Win9x host with a simple Blue Screen !!
This old chestnut again?
This is an _operating_system_ issue. There's very little that an app could
do, even if it wanted to, to protect against this particular crash.
As noted, there is a patch out there for vulnerable operating systems - why
are we still seeing this reported as an application bug?
Alun.
~~~~
--
Texas Imperial Software | Try WFTPD, the Windows FTP Server. Find us at
1602 Harvest Moon Place | http://www.wftpd.com or email alun@texis.com
Cedar Park TX 78613-1419 | VISA/MC accepted. NT-based sites, be sure to
Fax/Voice +1(512)258-9858 | read details of WFTPD Pro for NT.
