Remote Desktop DoS

[<altomo () nudehackers com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Remote Desktop 3.0 and previous DoS
Affected: 
Win95/95/ME running Mcafee Remote Desktop 3.0 and below
Problem:
possible for remote attacker to crash Remote Desktop session. in some
cases crashing the remote desktop agent.


Desc:

Remote desktop agent listens on ports 5044 and 5045.  5044 is to send
data and 5045 is to receive data.  After a session is started a 3rd
system can be used to send data to port 5045 of the agent and crash
the session.  The agent will then not respond for roughly a minute,
and in some cases not respond until restarted.


Exp:
to recreate this simply use netcat and send lots of data to port 5045
on the client system.

Vendor Status:
Notified that versions 2.12 and below were vuln. I was then ask for a
test of 3.x.  Supplied them with results of a 3.0 test. No further
word, several weeks have passed.

Fix/Work Around:
Don't use Remote Desktop on public infrastructure.  Filter where ever
possible.

- - --------------------------
altomo () nudehackers com
NudeHackersDotCom
Soooooo Sexy it hurts 
- - --------------------------

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOwKjYWx4bANfut9PEQIO2gCbBQIFRgkZMs26Cdia+/vh2kreIfUAn0tN
ixk4jPm8CQYUFq/my2S5gdov
=Kcub
-----END PGP SIGNATURE-----