Bugtraq mailing list archives
Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS
From: Peter Gründl <peter.grundl () DEFCOM COM>
Date: Fri, 16 Mar 2001 08:18:54 +0100
The CON/CON didn't affect NT (not natively anyway). Windows NT and 2000 run on different kernels than Win9x (if you can call those kernels?), and dos-devices (AFAIK) are implemented virtually on NT/2000. A fully patched Windows NT/2000 is still vulnerable to this attack if the host runs Mdaemon < 3.5.6. Besides it's not a request for a dos-device inside a dos-device (which is what triggered the old Win9x DoS. Peter Gründl Defcom Security ----- Original Message ----- From: "Nelson Brito" <nelson () secunet com br> To: "Peter Gründl" <peter.grundl () DEFCOM COM> Cc: <BUGTRAQ () SECURITYFOCUS COM> Sent: Thursday, March 15, 2001 6:39 PM Subject: Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS [snip]
I don't know, but it's a CON/CON old bug, isn't it? If you pacthed your NT Box, the app is not vulnerable to this BUG, isn't
it?
[snip]
Current thread:
- def-2001-11: MDaemon 3.5.4 Dos-Device DoS Peter Gründl (Mar 15)
- Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS Nelson Brito (Mar 16)
- Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS Peter Gründl (Mar 16)
- Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS Nelson Brito (Mar 16)