I found this at: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/fileio/fsys_7qwj.asp
The following reserved words cannot be used as the name of a file: CON, PRN, AUX, CLOCK$, NUL, COM1, COM2, COM3, COM4, COM5, COM6, COM7, COM8, COM9, LPT1, LPT2, LPT3, LPT4, LPT5, LPT6, LPT7, LPT8, and LPT9. Also, reserved words followed by an extension—for example, NUL.tx7—are invalid file names. And unfortunately, I also found this: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/fileio/filesio_697p.asp Platform SDK: File Storage DefineDosDevice The DefineDosDevice function defines, redefines, or deletes MS-DOS device names. BOOL DefineDosDevice( DWORD dwFlags, // options LPCTSTR lpDeviceName, // device name LPCTSTR lpTargetPath // path string ); It looks like you can create your own device names, so just keeping a list of the standard ones won't work in all cases. Hope this helps, Jim Seach --- Larry Isaacs <[EMAIL PROTECTED]> wrote: > I was too optimistic after testing only with Win98. I get the same > problem with Win2k. > > As you have probably already discovered, FileUtil.savePath() blocks > the attempt to read > aux.jsp. So getting past the version file safely should be > sufficient. Updating the mangler > looks like it would work, though the fix is only as good as our list > of DOS devices. > I'm aware of: > > CON > NUL > COM1-COM9 > LPT1-LPT9 > AUX > > Do you know of any others? > > Larry > > -----Original Message----- > From: Bill Barker [mailto:[EMAIL PROTECTED]] > Sent: Tue 1/8/2002 7:43 PM > To: Tomcat Developers List > Cc: > Subject: Re: KPMG-2002003: Bea Weblogic DOS-device Denial of Service > > > > 1.3.0_01 returns true for isFile on my Win-NT box. > > I've attached the program I've been running (so as to avoid having to > load > all of Tomcat. > ----- Original Message ----- > From: "Larry Isaacs" <[EMAIL PROTECTED]> > To: "Tomcat Developers List" <[EMAIL PROTECTED]> > Sent: Tuesday, January 08, 2002 4:01 PM > Subject: RE: KPMG-2002003: Bea Weblogic DOS-device Denial of Service > > > I find that isFile() returns false, at least for JDK 1.3.1 and > JDK1.2.2. > I tried JDK1.1.8, but Tomcat 3.3.x wouldn't come up. I get: > > java.lang.ClassNotFoundException: > org.apache.tomcat.startup.EmbededTomcat > at org.apache.tomcat.util.compat.SimpleClassLoader.loadClass > > My preference would be to build a solution on isFile() if it can be > worked > out. > I still need to investigate where the test might best be applied. > > Larry > > -----Original Message----- > From: Bill Barker [mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> ] > Sent: Tue 1/8/2002 3:39 PM > To: Tomcat Developers List > Cc: > Subject: Re: KPMG-2002003: Bea Weblogic DOS-device Denial of Service > > This may be too kludgy, but my quick test shows that "aux.ver" > returns -11644473600000 for lastModified. > > Less kludgy would be to simply add a complete list of DOS devices to > the > "keywords" that are mangled. > > ----- Original Message ----- > From: "Larry Isaacs" <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > > > To: "'Tomcat Developers List'" <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > Sent: Tuesday, January 08, 2002 12:06 PM > Subject: RE: KPMG-2002003: Bea Weblogic DOS-device Denial of Service > > This also causes Tomcat 3.3 to hang a thread when it > tries to read aux.ver. Tomcat 3.2.4 doesn't appear > to have a problem and reports a "not found" error. > A quick test of Tomcat 4.0.1 returned a blank page > without hanging. > I'll investigate and prepare, if possible, a quick > patch to Tomat 3.3 and make a proposal for a > Tomcat 3.3.1 beta and release. > Thanks for relaying this. > Cheers, > Larry > > -----Original Message----- > > From: Jon Scott Stevens [mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> ] > > Sent: Tuesday, January 08, 2002 2:36 PM > > To: tomcat-dev > > Subject: FW: KPMG-2002003: Bea Weblogic DOS-device Denial of > Service > > > > > > I'm curious how Tomcat deals with this issue. > > > > Oh yea. Yet another reason why JSP sucks. :-) > > > > -jon > > > > ------ Forwarded Message > > From: Peter Gründl <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > > Date: Tue, 8 Jan 2002 16:33:26 +0100 > > To: <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > > Subject: KPMG-2002003: Bea Weblogic DOS-device Denial of Service > > > > > -------------------------------------------------------------------- > > > > -=>Bea Weblogic DOS-device Denial of Service<=- > > courtesy of KMPG Denmark > > > > BUG-ID: 2002003 Released: 8th Jan 2002 > > > -------------------------------------------------------------------- > > Problem: > > ======== > > A flaw in the way the Bea Weblogic server handles specific requests > > > containing DOS-devices can cause a Denial of Service situation, > > where web requests are no longer being serviced. > > > > Vulnerable: > > =========== > > - Bea Weblogic Server 6.1 Service Pack 1 for Windows NT/2000 > > - Older releases and other pure java application servers could be > > vulnerable, but haven't been tested. > > > > Details: > > ======== > > When the Weblogic server receives a .jsp request, it invokes an > > external compiler to deal with the .jsp ressource requested. The > > server can be fooled into thinking you are requesting a valid .jsp > > ressource by simply requesting a DOS-device (such as eg. aux) and > > appending the .jsp extension to it (aux.jsp). The external compiler > > > is then invoked and due to the nature of the DOS-devices, this > > working thread never finishes. > > > > The server can handle about a 10-11 working threads, so when this > > number of active threads has been reached, the server will no > > longer service any requests. Since both HTTP and HTTPS are handled > > by the same module, both are crippled if one is attacked. > > > > Vendor URL: > > =========== > > You can visit the vendors webpage here: http://www.beasys.com > <http://www.beasys.com> > <http://www.beasys.com <http://www.beasys.com> > > > > > Vendor response: > > ================ > > The vendor was contacted on the 6th of November, 2001. On the 15th > > of November the vendor confirms that they have reproduced the issue > > > on Windows 2000 and Windows NT. The issue is assigned the bug id: > > CR062542 by the vendor. On the 3rd of January, 2002 the vendor > > confirmed the release of the new service pack and that it included > > the patch for this issue. > > > > Corrective action: > > ================== > > Upgrade to Service Pack 2, which can be downloaded here: > > http://commerce.beasys.com <http://commerce.beasys.com> > <http://commerce.beasys.com <http://commerce.beasys.com> > > > > > > > Author: Peter Gründl ([EMAIL PROTECTED] <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > ) > > > > > -------------------------------------------------------------------- > > KPMG is not responsible for the misuse of the information we > provide > > through our security advisories. These advisories are a service to > > the professional security community. In no event shall KPMG be lia- > > > ble for any consequences whatsoever arising out of or in connection > > > with the use or spread of this information. > > > -------------------------------------------------------------------- > > > > ------ End of Forwarded Message > > > > > > -- > > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > > > > > ---------------------------------------------------------------------------- > > ---- > > > > -- > > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > > ATTACHMENT part 2 application/ms-tnef > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> __________________________________________________ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/ -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
