Strumpf Noir Society Advisories
! Public release !
<--#

-= Denicomp REXECD/RSHD Denial of Service Vulnerability =-

Release date: Thursday, May 3, 2001

Introduction:

Denicomp's REXECD and RSHD products are ports of their counterparts
on Unix-based systems, allowing the use of the rcp, rsh and rexec
commands on machines running MS Windows.

These products can be obtained through the vendors website at:
http://www.denicomp.com

Problem:

There exists a problem in the port-handling code of mentioned
products which exposes the services provided by these to a DoS attack.

When a string of +/- 4300 bytes is sent to the listening port of
the REXEC and/or RSH daemons (defaulting to the standard 512 and
514 ports), the service in question will die.

A restart will be needed to regain full functionality.

(..)

Solution:

Vendor has been notified and has verified this problem. New versions
of these products will be released from the vendor's website shortly.

Vulnerable:

WINNT/WIN2K:

Denicomp Winsock RSHD/NT v2.18.00 (Intel)
Denicomp Winsock RSHD/NT v2.17.07 (DEC Alpha)
Denicomp Winsock REXECD/NT v1.05.00 (Intel)
Denicomp Winsock REXECD/NT v1.04.08 (DEC Alpha)

Win95/98/ME:

Denicomp Winsock RSHD/95 v2.18.03
Denicomp Winsock REXECD/95 v1.00.02

Earlier versions are expected to be vulnerable as well, users are
encouraged to upgrade.

yadayadayada

Free sk8! (http://www.freesk8.org)

SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)
compliant, all information is provided on AS IS basis.

EOF, but Strumpf Noir Society will return!

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]