Winsock 2.0 DoS

johnrCSH.RIT.EDU

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Development Team: "Problems with MDaemon 2.7.1"
• Previous message: Jon: "SLMail 2.6 DoS - Imail also"
• Next in thread: Henri Karrenbeld: "Re: Winsock 2.0 DoS"

If a user has the newest winsock patch for winsock 2.0, which can be
located at :

http://www.microsoft.com/windows95/info/ws2.htm

and attempts to do an address lookup on a address which doesn't exist
and is 13 characters long winsock will fault. This has been reproduced
on several computers and it takes a couple of seconds of looking up to
occur. This happens with every winsock program I've tested including
Netscape 3, Ie 3.0, and MS ping. Example sites that work are:

www.socois.cool
www.pcorner.org
blahd.yahoo.com

This apparently only works on names that are exactly 13 characters long
(not including periods).

This is dangerous because web pages can simply redirect browswers to
these pages or put img sources equal to nonexistent address entries
which will crash winsock.


johnr


------------------------------------------------------------------------
                            John Robinson
johnrcsh.rit.edu          jjr4693rit.edu        robinsonfoothills.net
"Twenty years from now you will be more disappointed by the things you
 didn't do than by the things you did do. So throw off the bowlines. Sail
 away from the safe harbor. Catch the trade winds in your sails. Explore.
 Dream. Discover." Mark Twain
------------------------------------------------------------------------

• Next message: Development Team: "Problems with MDaemon 2.7.1"
• Previous message: Jon: "SLMail 2.6 DoS - Imail also"
• Next in thread: Henri Karrenbeld: "Re: Winsock 2.0 DoS"