OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: Windows 2000 Nul bug
From: DDOCEKAL (ddocMIA.CZ)
Date: Sat Apr 29 2000 - 11:32:24 CDT

Not true, typing "nul" at command line shows dialog described in report on
Windows 2000 Server 5.00.2195

> -----Original Message-----
> From: Mousse [mailto:mousseCROSSWINDS.NET]
> Sent: Saturday, April 29, 2000 5:45 PM
> To: win2ksecadviceLISTSERV.NTSECURITY.NET
> Subject: Re: Windows 2000 Nul bug
>
>
> Apparently, Microsoft's already patched the problem.
> On Windows 2000 Professional v. 5.00.2195 (Standard OEM),
> neither the "nul" nor the "other" backdoors seem to work. The
> similar goes for the latest Windows 2000 Server (also Standard
> OEM) release.
>
> ~Mousse
>
> > -----Original Message-----
> > From: auto45040HUSHMAIL.COM [mailto:auto45040HUSHMAIL.COM]
> > Sent: Saturday, April 29, 2000 12:04 AM
> > To: win2ksecadviceLISTSERV.NTSECURITY.NET
> > Subject: Windows 2000 Nul bug
> >
> >
> > <-[DHC ADVISORY]->
> >
> > Title: Nul security AND D.O.S problem for Windows 2000
> > Description program: Well I guess we all know what Windows
> 2000 is. :)
> > Description problem: Simply by typing "nul" in a dos prompt, you
> > get a screen
> > with all kinds of programs you can start and by hitting a
> button you also
> > get a "open file" style explorer window.
> >
> > <-[what was used]->
> > Windows Professional 2000 build 2128
> >
> > <-[how to create the security problem]->
> > start up a dos prompt and type "nul" and then enter. I attached a
> > file (nil.bat)
> > for the people who either don't have a prompt (because of
> restrictions,
> > or whatever) or just don't know how to do it.
> > You'll get a little screen with a list of programs to open
> "nul.pif" with.
> > Just choose what you want to start up. Anything that is on
> your computer
> > is now available.
> > More dangerous maybe is the possibility to hit "other" and
> you're able to
> > browse the drives and directories. Funny thing is that with
> windows NT by
> > typing the drive name in the file name bit you can even
> access hidden but
> > shared drives, so I figure this'll still work with Windows
> 2000 too, but
> > at the moment I'm not sure.
> > To be honest, the same can be achieved by double-clicking an
> > undefined fileformat.
> > However, a lot of administrators will have found a way to
> stop this, so
> > basically this is a workaround for that.
> >
> > <-[fix]->
> > Well, I expect Microsoft will have a fix for the security
> problem, so I
> > won't bother with that.
> >
> > <-[note]->
> > credit where credit is due: I wouldn't've gone and checked
> "nul" out in
> > W2k if it weren't for someone posting to Bugtraq saying
> c:\nul\nul like
> > c:\con\con could lock up W98. I was being curious.
> >
> > Greetz,
> > nemesystm, leader of the DHC (dhcorp.cjb.net)
> > auto45040hushmail.com
> > - 1 found 62999 to go -
>
> _____________________________________________________________________
> ** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
> ** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
> SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net
>

_____________________________________________________________________
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net