News Register Control Panel Private Messages Members List Team Search News Posts About Us
 

Bug found in: Polymorph 0.4.0
  Author: Ravish Ahuja
Added: 05/24/2003
Type: Advisory
Viewed: 273 time(s)
[ Not Rated Yet ]
Description

     Polymorph is a filesystem "unixier" (a Win32 -> Unix filename convertor)
     When downloading images from Usenet alot of filenames are mangled by MS Outlook
     and other, less caring, newsagents.
     There could be files with strange names like C:\\PIX\\HUBBLE\\Eagle\ Nebula\ 0532.JPG
     and this, of course, is unacceptable.
     Polymorph looks in the current working directory and finds strange filenames like this.
     It then renames the file after converting all the characters to lowercase and
     trimming the cruft from the original.
     The previous example turned out to have the name eagle_nebula_0532.jpg which is
     much more useful.

     Polymorph contains an unchecked buffer in the "-f file" option,
     this can be exploited very simple.


Article Pages:  1 | 2 | 3 | Next   


How would you rate this article:    Bad Good   Go  


Copyright Linux Advisory 2003. All rights reserved.
We are not responsible for the comment and story contributed by users.