Full Disclosure mailing list archives

RE: Local DoS in windows.

From: "Joe" <mvp () joeware net>
Date: Sat, 11 Oct 2003 21:32:29 -0400

Umm nope, not on my XP SP1 machine. I have about 15 windows running and avg
1% utilization. I do your little trick and there is no change. 

Though maybe it is because my machine is one of those really fast 900Mhz
PIII's. 

Maybe the problem is you are running a hacked version of shell32.dll from
http://www.geocities.com/visitbipin/ and he screwed it up. 

Thanks for playing.

   joe


-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of bipin gautam
Sent: Friday, October 10, 2003 1:18 PM
To: Full-Disclosure () lists netsys com
Cc: bugtraq () securityfocus com

--- [Affected] ---
We have only tried it in windows Xp.

--- [Bug Details] ---
http://www.geocities.com/visitbipin/win_dos.jpg
The image is self explanatory...

--- [Description] ---
When you click to "any" close, maximize or minimize button's in windows Xp,
[No matter whether it's IE or a WordPad] surprisingly there is 100% CPU use
at the instant and it continues............ until you release the button!
Moreover, we've noticed if you continuously click the button for a long time
[... not release it and hold ON ] we've seen gradual/slow rise in page-file
use too...!!!

--- [Conclusion] ---
Hell... local DoS! That could be used by employees working at different
terminal..... (O;

--- [Background Information] ---
This bug was originally discovered by hUNT3R,[myself] a member of 01
Security Submission. The vendor was notified via email.
http://www.ysgnet.com/hn
--- [I want a JOB/scholarship... anyone??? - hUNT3R] ---

__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: Local DoS in windows., (continued)
- - RE: Local DoS in windows. Steve Wray (Oct 10)
    - Re: Local DoS in windows. Cael Abal (Oct 10)
    - Re: Local DoS in windows. [finally...] bipin gautam (Oct 10)
    - RE: Local DoS in windows. bipin gautam (Oct 10)
    - RE: Local DoS in windows. bipin gautam (Oct 10)
    - Re: Local DoS in windows. Richard Spiers (Oct 11)
    - Re: Local DoS in windows. Valdis . Kletnieks (Oct 11)
    - Re: Local DoS in windows. npguy (Oct 11)
    - Re: Local DoS in windows. bipin gautam (Oct 12)
    - Re: Local DoS in windows. [indeed it works... PROOF?] bipin gautam (Oct 12)
  - RE: Local DoS in windows. Joe (Oct 11)
    - Who Cried Wolf???!? (or, Who's Shell32.exe?) [was: Local DoS in windows] Arcturus (Oct 12)