Vulnerability Development mailing list archives

Re: Win2K Local DoS?

From: Alexander Sanda <as () PSA AT>
Date: Thu, 3 Aug 2000 18:14:13 +0200

At 05:29 03.08.2000 -0700, Kevin Stephenson wrote:

I ran services.exe from the run box, and it took my load up to 100%.
Checking the task list, there were 2 services.exe and Win2K would not allow
me to kill either process. The one I spawned was running at 99% of load. I
then started up another 10 services.exe processes. Eventually, the load
spread to about 33% over 3 of the processes. I don't see a way to kill
these processes without a reboot. Have a nice day.


This is only because task manager doesn't let you terminate "critical
system processes" (services.exe beeing one of them). With some other
utility (e.g. the process viewer coming with the resource kit or Visual
C++) you can safely kill this process.

And there is absolutely no reason for services.exe beeing executable by
normal users (although, the standard permissions set by the Win2k
installation disagree here ;) ).

Current thread:

Win2K Local DoS? Kevin Stephenson (Aug 03)
- Re: Win2K Local DoS? Dimitry Andric (Aug 03)
- Re: Win2K Local DoS? Alexander Sanda (Aug 03)
- Re: Win2K Local DoS? LordRaYden (Aug 05)
- <Possible follow-ups>
- Re: Win2K Local DoS? Oliver Friedrichs (Aug 03)
- Re: Win2K Local DoS? Maxime Rousseau (Aug 05)
  - Re: Win2K Local DoS? Dimitry Andric (Aug 05)
    - Re: Win2K Local DoS? Kevin Stephenson (Aug 06)
    - Re: Win2K Local DoS? Mikael Olsson (Aug 08)
    - Re: Win2K Local DoS? Nicolas Rachinsky (Aug 09)
  - Re: Win2K Local DoS? pantera (Aug 05)
- Re: Win2K Local DoS? bfiero (Aug 09)
  - Re: Win2K Local DoS? Timothy J. Miller (Aug 10)

(Thread continues...)