Bugtraq mailing list archives
Re: Fix for SMB DOS attack posted
From: paulle () MICROSOFT COM (Paul Leach)
Date: Fri, 13 Feb 1998 19:31:12 -0800
A bug Oliver privately reported (with more information and a repro program) was one of the ones fixed by the patch; it also fixed another one that I don't believe was reported (but since I was wrong about his...). I didn't realize he had posted a report about it to BUGTRAQ. I didn't want to mention his name without his permission. I'll gladly credit the other guy too, if he says its OK (I've sent mail). In any case, what I was really thinking and could have said better was that there was no publically released exploit. People worried about NT DOS attacks should also look at the LSA-FIX from last June. It fixed the problems mentioned by Paul Ashton in the archived message.
---------- From: Aleph One[SMTP:aleph1 () dfw dfw net] Sent: Friday, February 13, 1998 6:41 PM To: Paul Leach Cc: BUGTRAQ () NETSPACE ORG Subject: Re: Fix for SMB DOS attack posted On Fri, 13 Feb 1998, Paul Leach wrote:A hot-fix for a DOS attack on NT file servers that had not beenpreviouslypublically known has been posted. The following is the KB article on the fix. DOCUMENT: Q180963 TITLE :Denial of Service Attack Causes Windows NT Systems to Reboot PRODUCT :Microsoft Windows NT PROD/VER:4.00 OPER/SYS:WINDOWS KEYWORDS:kbbug4.00 kbfix4.00 NTSrv ntstopWell it would seem some folks have found the problem (or something similar) before as Oliver Friedrichs from Secure Networks hinted at back in October on the NTBugTraq mailing list. http://listserv.ntbugtraq.com/SCRIPTS/WA-NTBT.EXE?A2=ind9710&L=ntbugtraq&m =791&P=4201 Maybe the secnet folks would like to discuss some of their findings. Aleph One / aleph1 () dfw net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
Current thread:
- Re: Fix for SMB DOS attack posted David LeBlanc (Feb 13)
- <Possible follow-ups>
- Fix for SMB DOS attack posted Paul Leach (Feb 13)
- Re: Fix for SMB DOS attack posted Aleph One (Feb 13)
- Re: Fix for SMB DOS attack posted Paul Leach (Feb 13)