Author Topic: Critical vulnerability in ipconfig  (Read 8814 times)

0 Members and 1 Guest are viewing this topic.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Critical vulnerability in ipconfig
« on: March 08, 2006, 10:30:10 am »
From a mailing list:

Quote
This is a very serious matter. I've found an error in how the IPCONFIG
command handles incorrect command line input.

    C:\>ipconfig lksdflkjdsakfl
 
    Error: unrecongnized or incomplete command line.
 
Clearly the error line is supposed to say "unrecognized". I don't know if
this is an exploitable issue. I've only tested it on Windows XP SP2.

Let's hope Microsoft patches this before it's too late!! 

<edit> Apparently the German version of Microsoft Windows does not suffer from this problem.  You might consider setting your language to German until a patch comes out:
Quote
C:\>ipconfig lksdflkjdsakfl
Fehler: Unbekannte oder unvollständige Befehlszeile.



[disclaimer: this is a joke.  Anybody who thinks I'm serious should be shot.]

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Critical vulnerability in ipconfig
« Reply #1 on: March 08, 2006, 10:45:01 am »
Hahahah, that's great.

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: Critical vulnerability in ipconfig
« Reply #2 on: March 08, 2006, 11:50:05 am »
What the hell?  That guy is an idiot.
And like a fool I believed myself, and thought I was somebody else...

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Critical vulnerability in ipconfig
« Reply #3 on: March 08, 2006, 11:55:58 am »
What the hell?  That guy is an idiot.
As I said, it's a joke :P

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Critical vulnerability in ipconfig
« Reply #4 on: March 08, 2006, 01:25:46 pm »
What the hell?  That guy is an idiot.

* Sidoh shoots Blaze.

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: Critical vulnerability in ipconfig
« Reply #5 on: March 08, 2006, 06:47:48 pm »
I understood it as a joke.  That doesn't make the joke or the person who made it up any less idiotic.
And like a fool I believed myself, and thought I was somebody else...

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Critical vulnerability in ipconfig
« Reply #6 on: March 08, 2006, 07:01:43 pm »
I understood it as a joke.  That doesn't make the joke or the person who made it up any less idiotic.

Why?  Because you fail to see the humor in it?  Your problem.

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: Critical vulnerability in ipconfig
« Reply #7 on: March 08, 2006, 07:12:19 pm »
I find humor in it, it's just TOO stupid.
And like a fool I believed myself, and thought I was somebody else...

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: Critical vulnerability in ipconfig
« Reply #8 on: March 08, 2006, 08:21:20 pm »
I find humor in it, it's just TOO stupid.

It's a subjective statement.  Calling someone an idiot is too, but it's a much more personal issue...

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Critical vulnerability in ipconfig
« Reply #9 on: March 16, 2006, 11:21:31 pm »
The only thing I see wrong is they referred to a command line argument as a command line itself. Is that it?
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline Ergot

  • 吴立峰 ^_^ !
  • x86
  • Hero Member
  • *****
  • Posts: 3724
  • I steal bandwidth. p_o
    • View Profile
Re: Critical vulnerability in ipconfig
« Reply #10 on: March 16, 2006, 11:27:16 pm »
Crap I'm affected by it :(.
Who gives a damn? I fuck sheep all the time.
And yes, male both ends.  There are a couple lesbians that need a two-ended dildo...My router just refuses to wear a strap-on.
(05:55:03) JoE ThE oDD: omfg good job i got a boner thinkin bout them chinese bitches
(17:54:15) Sidoh: I love cosmetology

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Critical vulnerability in ipconfig
« Reply #11 on: March 17, 2006, 09:27:25 am »
The only thing I see wrong is they referred to a command line argument as a command line itself. Is that it?
No.  Look harder. 

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Critical vulnerability in ipconfig
« Reply #12 on: March 17, 2006, 09:55:19 am »
And they spelled unrecognized wrong?
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: Critical vulnerability in ipconfig
« Reply #13 on: March 17, 2006, 10:15:32 am »
There you go. 

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: Critical vulnerability in ipconfig
« Reply #14 on: March 17, 2006, 08:40:18 pm »
I still don't get it though. Mind explaining?
I'd personally do as Joe suggests

You might be right about that, Joe.