Author Topic: Critical vulnerability in ipconfig (Read 8801 times)

iago · « **on:** March 08, 2006, 10:30:10 am »

From a mailing list:

Quote

This is a very serious matter. I've found an error in how the IPCONFIG
command handles incorrect command line input.

C:\>ipconfig lksdflkjdsakfl

Error: unrecongnized or incomplete command line.

Clearly the error line is supposed to say "unrecognized". I don't know if
this is an exploitable issue. I've only tested it on Windows XP SP2.

Let's hope Microsoft patches this before it's too late!!

<edit> Apparently the German version of Microsoft Windows does not suffer from this problem. You might consider setting your language to German until a patch comes out:

Quote

C:\>ipconfig lksdflkjdsakfl
Fehler: Unbekannte oder unvollständige Befehlszeile.

[disclaimer: this is a joke. Anybody who thinks I'm serious should be shot.]

Sidoh · « **Reply #1 on:** March 08, 2006, 10:45:01 am »

Hahahah, that's great.

Blaze · « **Reply #2 on:** March 08, 2006, 11:50:05 am »

What the hell? That guy is an idiot.

iago · « **Reply #3 on:** March 08, 2006, 11:55:58 am »

Quote from: Blaze on March 08, 2006, 11:50:05 am

What the hell? That guy is an idiot.

As I said, it's a joke

Sidoh · « **Reply #4 on:** March 08, 2006, 01:25:46 pm »

Quote from: Blaze on March 08, 2006, 11:50:05 am

What the hell? That guy is an idiot.

* Sidoh shoots Blaze.

Blaze · « **Reply #5 on:** March 08, 2006, 06:47:48 pm »

I understood it as a joke. That doesn't make the joke or the person who made it up any less idiotic.

Sidoh · « **Reply #6 on:** March 08, 2006, 07:01:43 pm »

Quote from: Blaze on March 08, 2006, 06:47:48 pm

I understood it as a joke. That doesn't make the joke or the person who made it up any less idiotic.

Why? Because you fail to see the humor in it? Your problem.

Blaze · « **Reply #7 on:** March 08, 2006, 07:12:19 pm »

I find humor in it, it's just TOO stupid.

Sidoh · « **Reply #8 on:** March 08, 2006, 08:21:20 pm »

Quote from: Blaze on March 08, 2006, 07:12:19 pm

I find humor in it, it's just TOO stupid.

It's a subjective statement. Calling someone an idiot is too, but it's a much more personal issue...

Joe · « **Reply #9 on:** March 16, 2006, 11:21:31 pm »

The only thing I see wrong is they referred to a command line argument as a command line itself. Is that it?

Ergot · « **Reply #10 on:** March 16, 2006, 11:27:16 pm »

Crap I'm affected by it

.

iago · « **Reply #11 on:** March 17, 2006, 09:27:25 am »

Quote from: Joe on March 16, 2006, 11:21:31 pm

The only thing I see wrong is they referred to a command line argument as a command line itself. Is that it?

No. Look harder.

Joe · « **Reply #12 on:** March 17, 2006, 09:55:19 am »

And they spelled unrecognized wrong?

iago · « **Reply #13 on:** March 17, 2006, 10:15:32 am »

There you go.

Joe · « **Reply #14 on:** March 17, 2006, 08:40:18 pm »

I still don't get it though. Mind explaining?

Sidoh · « **Reply #15 on:** March 17, 2006, 08:46:05 pm »

Quote from: Joe on March 17, 2006, 08:40:18 pm

I still don't get it though. Mind explaining?

Quote from: iago on March 08, 2006, 10:30:10 am

[disclaimer: this is a joke. Anybody who thinks I'm serious should be shot.]

* Sidoh aims a 12-gauge at Joe.

Joe · « **Reply #16 on:** March 18, 2006, 07:32:01 pm »

I meant explain why it's supposed to be funny. Go away.

Warrior · « **Reply #17 on:** March 18, 2006, 09:04:49 pm »

Because it's so stupid..can't you relate?

Joe · « **Reply #18 on:** March 18, 2006, 11:23:34 pm »

Ok. I get it now, but don't find it funny, and I'm not sure why this is considered a vuln. Whatever. =p

Sidoh · « **Reply #19 on:** March 19, 2006, 12:50:56 am »

Quote from: Joe on March 18, 2006, 11:23:34 pm

Ok. I get it now, but don't find it funny, and I'm not sure why this is considered a vuln. Whatever. =p

It's ... not considered a vunerability. That's why it's funny.

From the proportion of people who needed explanation to understand the humor behind this, I think we'd need a lot more shotgun shells than we were planning for, iago.

iago · « **Reply #20 on:** March 19, 2006, 12:57:07 am »

I can't afford many shells. Can you just get a Goldeneye magnum (or whatever they called it) and line them up single file?

Quik · « **Reply #21 on:** March 19, 2006, 01:15:33 am »

Quote from: iago on March 19, 2006, 12:57:07 am

I can't afford many shells. Can you just get a Goldeneye magnum (or whatever they called it) and line them up single file?

Golden Gun?

Sidoh · « **Reply #22 on:** March 19, 2006, 02:55:07 am »

Quote from: iago on March 19, 2006, 12:57:07 am

I can't afford many shells. Can you just get a Goldeneye magnum (or whatever they called it) and line them up single file?

It's brilliant!

iago · « **Reply #23 on:** March 19, 2006, 10:23:43 am »

Quote from: Quik on March 19, 2006, 01:15:33 am

Quote from: iago on March 19, 2006, 12:57:07 am
I can't afford many shells. Can you just get a Goldeneye magnum (or whatever they called it) and line them up single file?

Golden Gun?

No, the magnum. The one that shoots through people and hits people behind them.

Joe · « **Reply #24 on:** March 19, 2006, 01:55:06 pm »

Good idea. Wait, shit..

News:

Author Topic: Critical vulnerability in ipconfig (Read 8801 times)