Betcha can't do this...

[user-7256]

Try making a file called "com" with a number after it on any extention on your Windows XP (Home/Pro) system (2000 might have the same effect too).

Also works with new folders... create a folder named "com1" or "com7" or something and it won't work.

These names are apparently reserved as device names.

More info on this DOS vulnerability here (for Win 95/98, others won't let you even make the filename): http://www.pcworld.com/downloads/file_description/0,fid,7303,00.asp

-Matt

 

[Refrozen]

How is it a vulnerability?
You can't do LPTs either, or any other port-name folder.
It's to prevent confusion.

Any of the input/output pipes cannot be created as folders/files, because that wouldn't make sense.

`cat $filename >> prn`

would confuse it (of course; I don't think windows has a cat function)

 

[user-7256]

Cough, VULNERABILITY IN WINDOWS 95/98 as I said...

 

[Refrozen]

I don't understand how it's a vulnerabiltiy.

I read the page and it says "it may crash"... well, I don't even understand HOW it could crash, I'm sure the code looks something like this

if(array_intersect($input/output handlers, $filename)) {
return "Sorry, can't do that";
} else {
createFile/Folder($filename).;
}

 

[oliciv]

How is it a vulnerability?

Because in compuXP's world, everything Micros... sorry, M$, codes is insecure :lol: