Bugtraq mailing list archives
Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exec odeerror
From: Rob Terry <RTerry () EXCEL COM>
Date: Mon, 18 Dec 2000 17:09:15 -0600
I'm on SP6a and unable to make my system crash connecting to any of the 10xx ports I've got open. When I successfully connect to 1028, I can shoot anything I want at it, but i don't see a significant long term performance changes or an indication that any process is bothered by the extra data. My system doesn't have MSTASK.EXE installed on it, but from what I can see this isn't an Windows NT file - it's one installed by IE 5 (I'm running 4.02, I'm at work and don't browse that much). A search of MS's KB for mstask.exe just turned up two docs - one of them: http://support.microsoft.com/support/kb/articles/Q221/7/81.ASP?LN=EN-US&SD=g n&FR=0&qry=%26quot%3Bmstask.exe%26quot%3B&rnk=2&src=DHCS_MSPSS_gn_SRCH&SPR=M SALL Which lists the files installed by IE5, and the other a list of files included with Win98SE, which contained IE5. I think what we might be looking at here is an addition to the Win32 system, maybe tied to that enhanced IE desktop GUI you don't have a choice about having when you install IE5. Maybe it's something to do with the ability to add web items as objects within the desktop, because I'm thinking that would have to add another level of object communication that might be done in a fashion similar to X - connection via internal TCP sockets. I'm not even 20% sure this is it, but whatever it is it's not Windows NT's scheduler - that's ATSVC.EXE. I'll do some further research, but as I'm not much of a coder and I'm really busy, someone out there might want to use SysInternal's reg/filemon to see what objects are being grabbed and go from there, if they can duplicate this error. -----Original Message----- From: John Herron [mailto:john.herron () RRC STATE TX US] Sent: Friday, December 15, 2000 2:32 PM To: BUGTRAQ () SECURITYFOCUS COM Subject: Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.execodeerror Not sure why, but I'm trying it on any ports I have available (the ones simular to yours are 1026, 1028, and 1029. 1026 won't connect, 1029 won't connect 1028 does connect and accepts any data I shoot at it but it never crashes and no processes even seem to notice my presence. I'm running NT 4.0, SP5 also. Is there a certain service you two are running?
Current thread:
- Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exec odeerror Rob Terry (Dec 19)
- <Possible follow-ups>
- Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exec odeerror Rob Terry (Dec 19)