---------- Forwarded message ---------- Date: Sat, 30 Sep 1995 02:03:58 -0700 (PDT) From: Rich Graves <llurch@Networking.Stanford.EDU> To: Ken Simler <krs2@cornell.edu> Subject: Re: Serious Windows TCP/IP Security Hole (fwd) This doesn't work for you? Please get back to me if you figure it out. I'd like to document the problem accurately. -rich ---------- Forwarded message ---------- Date: Thu, 28 Sep 95 23:45:49 -0400 From: Mark Thornton <markt@eng.umd.edu> To: llurch@networking.stanford.edu Newgroups: comp.os.ms-windows.win95.misc, comp.os.ms-windows.networking.windows, comp.os.ms-windows.networking.tcp-ip Subject: Re: Serious Windows TCP/IP Security Hole I can confirm that the complete(floppy) version of Windows 95 STILL has the ../ bug ;-( The ... bug has been fixed correctly returning the following message chkpath: ERRDOS - ERRbadpath (Directory invalid.) But cd ../ WILL put you in the root directory of the share with the rights you had in the intial directory. Very bad... I've had to share all my drives read-only until the problem gets fixed.