Bugtraq mailing list archives
Re: NT/Exceed D.O.S.
From: steve () STANDAY KEBLE OX AC UK (Steve)
Date: Wed, 28 Apr 1999 23:34:26 +0100
This is regarding Hummingbird's Exceed X emulator v5 (and possibly v6) running on Windows NT. I haven't tested Win95/98. The Exceed X server allows inbound TCP connections on port 6000 from the XDM host. If someone uses telnet from the XDM host to connect to a PC running Exceed on port 6000 and enters any garbage text, the X server will hang and the Exceed session is frozen for good.
As far as I know, a variation of that bug has been present in all versions from the early Exceed for MS-Dos onwards. I stumbled on it 5 years ago when I was a student, so I didn't know whether it was a configuration error or a bug. I don't think I managed to permanently freeze the connection then, but it was certainly possible to freeze it for as long as you left the telnet connection to port 6000 open. If I remember correctly, it didn't use to be just the XDM host that could make the connection, you could freeze Exceed from any host. I guess that would depend on the setting of the 'Host Access Control List' field. For the record, I've just tested Exceed v6 under Windows 98 and it still has the same effect. I also tested setting Exceed to only allow a given machine to connect, and I can still freeze it by telnetting from another machine in another subnet... I didn't manage to freeze it beyond the telnet session to port 6000 though. Steve.
Current thread:
- NT/Exceed D.O.S. LaFournaise, Chris J. (Apr 27)
- Re: NT/Exceed D.O.S. Ian Westcott (Apr 28)
- <Possible follow-ups>
- Re: NT/Exceed D.O.S. Matt Wilbur (Apr 28)
- Re: NT/Exceed D.O.S. Jamie Lawrence (Apr 29)
- Security Configuration Editor info Paul Leach (Apr 29)
- Re: NT/Exceed D.O.S. Steve (Apr 28)
- Re: NT/Exceed D.O.S. Max Norris (Apr 29)