Bugtraq mailing list archives
Pragma Systems response to USSRLabs report
From: labs () USSRBACK COM (Ussr Labs)
Date: Wed, 23 Feb 2000 17:50:50 -0300
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Pragma Systems response to USSRLabs report On February 22, 2000, Pragma Systems received an anonymous email regarding a security issue reported to NT Security News, hosted by Windows 2000 magazine, with our InterAccess TelnetD Server 4.0 for NT. We took immediate action to determine if a problem existed. After researching the report and the company reporting the issue, USSRLabs, we have determined that a possible problem could exist. We have been unable to duplicate the problem with the January 5, 2000 Build 7 release available from our site. We have tested our server installed on NT4 SP5, Windows 2000 Build 2128, and NT4 SP 6a. From the USSRLabs website, we have discovered that they tested with Build 4, build date of May 4, 1998, and did not complete the testing with the latest version to determine if the problem had been fixed. Please note, that this company did report the problem as occuring with a build nearly 2 years old. We do not have any information about what type of system USSRLabs did their testing on. The reported problem results in a 100% CPU usage. From our experience this is caused by a Winsock error during a recv() call. It is possible that this error would only occur on systems running the Service packs with winsock updates. Pragma Systems has requested testing procedures from USSRLabs to verify if a service pack update was attempted to solve the problem. At this time, we have little information about how this result was produced. Solutions to this problem are to update service packs and InterAccess TelnetD Server 4.0 to the latest build. For any further information on our testing and available updates, contact Beth Henry, Software Project Lead, at bethlh () pragmasys com. Thank you for taking the time to research this issue for yourself. Pragma Systems, Inc. 13706 Research Blvd, #301 Austin, TX 78750 (512) 219-7270 pragma () pragmasys com from http://www.pragmasys.com/USSR_response.htm - ---------------------------------------------------------------------- - ---------------------------------------------------- Appear the people of Pragma Systems, no undertand what is the real problem, the exploit (from us), made 100% usage, there are no problems in winsock or services pack. The program TelnetD have the problem in the implementation of the recv , who have a unchecked buffer, who cause a buffer overflow. u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h http://www.ussrback.com -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com> iQA/AwUBOLRIKdybEYfHhkiVEQLMfgCfbwI2z1fgQHWxwlwK0C12/hDS1w8Anip+ 4iYqngt3kvT9GtotTMVtJfT3 =t1KQ -----END PGP SIGNATURE-----
Current thread:
- Re: Wordpad vulnerability, exploitable also in IE for Win9x, (continued)
- Re: Wordpad vulnerability, exploitable also in IE for Win9x Curtis Anderson, CNE, MCSE (Feb 25)
- Troj_Trinoo and ZZ Simple Nomad (Feb 25)
- man bugs might lead to root compromise (RH 6.1 and other boxes) Michal Zalewski (Feb 26)
- Re: man bugs might lead to root compromise (RH 6.1 and other boxes) Mark Whitis (Feb 27)
- Re: man bugs might lead to root compromise (RH 6.1 and other boxes) H D Moore (Feb 27)
- Re: man bugs might lead to root compromise (RH 6.1 and other boxes) Michal Zalewski (Feb 28)
- Re: man bugs might lead to root compromise (RH 6.1 and other boxes) H D Moore (Feb 28)
- DOS in TrendMicro OfficeScan Veille Technologique (Feb 28)
- TrendMicro OfficeScan tmlisten.exe DoS Jeff Stevens (Feb 25)
- Re: Troj_Trinoo and ZZ Simple Nomad (Feb 26)