Re: Vulnerability in WINS web server, NT4.0
Munil Shah (munils MICROSOFT.COM)
Wed, 6 Aug 1997 15:00:33 -0700
Microsoft acknowledges the following problem with NT4.0 WINS servers and
the fix for this bug will be made available for the customers in NT5 and
will be posted on the Microsoft ftp site soon.
Thanks,
-Munil Shah
Software Design Engineer,
Microsoft Corp
------------------------------------------------------------------------
When a flood of random (size and contents) UDP packets is sent to port
137/UDP to machine running WINS Server, this service stops after about 5
seconds. I reproduced this on several machines running NTS 4.0 + WINS.
Even if there were SP3 and all (12) recent postfixes, this service
stops. The stop is regular, without Access Violation, manual restart is
possible (probably, when attacked, WINS service reports its state to
SCM). I never tried to reproduce this issue on NT 3.5x.

I discovered there are many unprotected WINS servers in the Internet,
which are vulnerable to such attacks (including one well-known software
vendor).

I reported this bug 06/27/1997, but now, I have neither reply from MS
nor available fix.

If there's somebody who wants to get sample source (in C, of course) of
killing program, I can send it against E-mail.

Ondrej Holas, MCSE
DIGI TRADE, spol. s r.o.
Czech Republic
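
Added example, not part of either message above: a detection sketch that flags sources sending bursts of datagrams to 137/UDP that do not parse as a NetBIOS name service header, using the 5-second window from the report. The threshold of 20, the accepted opcode set, and all addresses and packets in `sample_events` are assumptions constructed for illustration.

```python
import random
import struct
from collections import defaultdict, deque

# Opcodes from RFC 1002; 9 and 15 are included as an assumption about
# values seen from Windows hosts.
KNOWN_OPCODES = {0, 5, 6, 7, 8, 9, 15}

def plausible_nbns(payload: bytes) -> bool:
    """Cheap sanity check of the 12-byte NetBIOS name service header."""
    if len(payload) < 12:
        return False
    _txid, flags, qd, an, ns, ar = struct.unpack("!6H", payload[:12])
    opcode = (flags >> 11) & 0xF
    # Genuine name-service packets carry only a handful of records.
    return opcode in KNOWN_OPCODES and 0 < qd + an + ns + ar <= 16

def flood_sources(events, window=5.0, threshold=20):
    """events: time-ordered (timestamp, src_ip, payload) for dst 137/UDP.
    Returns sources with >= threshold implausible datagrams in `window` s."""
    recent, flagged = defaultdict(deque), set()
    for ts, src, payload in events:
        if plausible_nbns(payload):
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            flagged.add(src)
    return flagged

def sample_events():
    """Constructed capture: one noisy source, one normal client, one stray."""
    rng = random.Random(1997)
    query = (struct.pack("!6H", 0x1234, 0x0110, 1, 0, 0, 0)
             + b"\x20" + b"EB" * 16 + b"\x00\x00\x20\x00\x01")
    events = [(i * 1.0, "192.0.2.10", query) for i in range(10)]
    for i in range(100):  # random size and contents, as in the report
        junk = bytes(rng.randrange(256) for _ in range(rng.randint(1, 512)))
        events.append((i * 0.02, "203.0.113.5", junk))
    events += [(t, "198.51.100.7", b"\x00" * 4) for t in (0.5, 4.0, 9.0)]
    return sorted(events, key=lambda e: e[0])

if __name__ == "__main__":
    print(flood_sources(sample_events()))
```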