From: Rich Graves <llurch@Networking.Stanford.EDU>
To: henrysa@microsoft.com
Message Hash: 3481818aa66d485a87cdc61d95f2271bd6461f7254a1691a787868790a13b448
Message ID: <Pine.ULT.3.91.951004165855.19409M-100000@Networking.Stanford.EDU>
Reply To: N/A
UTC Datetime: 1995-10-04 23:59:03 UTC
Raw Date: Wed, 4 Oct 1995 16:59:03 -0700 (PDT)
From: Rich Graves <llurch@Networking.Stanford.EDU>
Date: Wed, 4 Oct 1995 16:59:03 -0700 (PDT)
To: henrysa@microsoft.com
Subject: Re: Serious Windows TCP/IP Security Hole (fwd)
Message-ID: <Pine.ULT.3.91.951004165855.19409M-100000@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain
---------- Forwarded message ----------
Date: Sat, 30 Sep 1995 02:03:58 -0700 (PDT)
From: Rich Graves <llurch@Networking.Stanford.EDU>
To: Ken Simler <krs2@cornell.edu>
Subject: Re: Serious Windows TCP/IP Security Hole (fwd)
This doesn't work for you? Please get back to me if you figure it out.
I'd like to document the problem accurately.
-rich
---------- Forwarded message ----------
Date: Thu, 28 Sep 95 23:45:49 -0400
From: Mark Thornton <markt@eng.umd.edu>
To: llurch@networking.stanford.edu
Newgroups: comp.os.ms-windows.win95.misc,
comp.os.ms-windows.networking.windows,
comp.os.ms-windows.networking.tcp-ip
Subject: Re: Serious Windows TCP/IP Security Hole
I can confirm that the complete(floppy) version of Windows 95
STILL has the ../ bug ;-( The ... bug has been fixed correctly
returning the following message
chkpath: ERRDOS - ERRbadpath (Directory invalid.)
But cd ../ WILL put you in the root directory of the share
with the rights you had in the intial directory. Very bad...
I've had to share all my drives read-only until the problem
gets fixed.
Return to October 1995
Return to “Rich Graves <llurch@Networking.Stanford.EDU>”
1995-10-04 (Wed, 4 Oct 1995 16:59:03 -0700 (PDT)) - Re: Serious Windows TCP/IP Security Hole (fwd) - Rich Graves <llurch@Networking.Stanford.EDU>