From: Andrew van der Stock (ajvE-SECURE.COM.AU)
Date: Mon Jul 16 2001 - 04:47:56 CDT

    Almost every program using MS's C Runtime library for select() will suffer
    from this problem. This vulnerability is only a problem if it listens on a
    port. For example, nslookup.exe from Microsoft uses a whole bunch of CRT
    calls, including select(), but doesn't listen on any ports.

    Look for programs that use select(), and load msvcrt.dll (or close
    relations, and/or statically link with them). The CRT has been known broken
    for a long time.

    If you port programs from Unix-land, please do yourselves a favor, and
    change code that relies heavily on select() or poll() to use native winsock
    async I/O. Not only do you get far higher throughput, it's likely that you
    will be far more robust.

    Andrew

    -----Original Message-----
    From: Windows NTBugtraq Mailing List
    [mailto:NTBUGTRAQLISTSERV.NTBUGTRAQ.COM]On Behalf Of USSR Labs
    Sent: Friday, 16 March 2001 05:42
    To: NTBUGTRAQLISTSERV.NTBUGTRAQ.COM
    Subject: Remote DoS attack against SSH Secure Shell for Windows Servers
    Vulnerability
    Importance: High

    [snip]
    Topic: Remote DoS attack against SSH Secure Shell for
    Windows Servers Vulnerability

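One way to run the triage suggested in the reply above across a set of binaries, as an added example that is not part of the original post: it reads each PE file's import table and reports whether the file imports select from a Winsock DLL and also loads msvcrt.dll or a relation. The CRT name prefixes and all function names are assumptions of this example, and statically linked CRT code is not detected because it leaves no import entry.

```python
import struct
import sys

WINSOCK = ("ws2_32.dll", "wsock32.dll")
SELECT = ("select", "#18")  # by name, or by export ordinal 18 in both Winsock DLLs
CRT_PREFIXES = ("msvcr", "crtdll")  # assumption: msvcrt.dll and its relations

def cstr(data, pos):
    return data[pos:data.index(b"\0", pos)].decode("ascii", "replace")

def pe_imports(data):
    """Map each imported DLL (lower-cased) to its imported names or '#ordinal'."""
    pe = struct.unpack_from("<I", data, 0x3C)[0] if data[:2] == b"MZ" else -1
    if pe < 0 or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24
    plus = struct.unpack_from("<H", data, opt)[0] == 0x20B  # PE32+ (64-bit)
    imp_rva = struct.unpack_from("<I", data, opt + (120 if plus else 104))[0]
    sects = [struct.unpack_from("<4I", data, opt + opt_size + 40 * i + 8)
             for i in range(nsect)]  # (VirtualSize, VirtualAddress, RawSize, RawPtr)

    def off(rva):  # RVA -> file offset
        for vsize, vaddr, rawsize, rawptr in sects:
            if vaddr <= rva < vaddr + max(vsize, rawsize):
                return rva - vaddr + rawptr
        raise ValueError("RVA outside every section")
    size, fmt, flag = (8, "<Q", 1 << 63) if plus else (4, "<I", 1 << 31)
    imports, d = {}, off(imp_rva) if imp_rva else None
    while d is not None:
        oft, name_rva, ft = struct.unpack_from("<I8xII", data, d)
        if not name_rva:  # all-zero descriptor ends the table
            break
        funcs = imports.setdefault(cstr(data, off(name_rva)).lower(), [])
        t = off(oft or ft)  # fall back to FirstThunk when there is no lookup table
        while (v := struct.unpack_from(fmt, data, t)[0]):
            funcs.append("#%d" % (v & 0xFFFF) if v & flag else cstr(data, off(v) + 2))
            t += size
        d += 20
    return imports

def uses_crt_and_select(imports):
    crt = any(dll.startswith(CRT_PREFIXES) for dll in imports)
    return crt and any(f in SELECT for dll in WINSOCK for f in imports.get(dll, []))

if __name__ == "__main__":  # usage: python scan.py file1.exe file2.dll ...
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, uses_crt_and_select(pe_imports(fh.read())))
```

A True result only narrows the list; whether the program also listens on a port still has to be checked separately.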