|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Frank Knobbe (FKnobbe
KnobbeITS.com)Date: Sat Sep 29 2001 - 01:01:07 CDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: Jim Harrison (SPG) [mailto:jmharrmicrosoft.com]
> Sent: Friday, September 28, 2001 4:13 PM
>
> But to answer your question, I can't see much DoS value there,
> since loss of time sync outside the AD is more of a nuisance than
> anything else. If they can get in and block client-AD time sync,
> then
> they have
> something useful.
I think Debra is asking, is the W32Time service vulnerable to buffer
overflows (like in CIAC Bulletin L-071) rather than a DoS. Since UDP
is easily spoofed, someone could preempt a valid time server response
with a large, nasty, and stack smashing NTP packet...
I'm not aware of a bug in W2K's NTP service, but that doesn't mean
there is none :)
Regards,
Frank
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.8
Comment: PGP or S/MIME (X.509) encrypted email preferred.
iQA/AwUBO7Vjo5ytSsEygtEFEQIHjACgiRQmQim5ZIYtWdicUD0KUr5/8CEAn2ib
QH47PImsoquh5Z91d6PJ/j3x
=QC02
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]