Vulnerability Development mailing list archives
Re: bug w2k
From: "kam" <kam () aversion net>
Date: Mon, 30 Jul 2001 12:22:48 -0500
I've been able to make it work using both an administrator account and a non-administrator account. (That is, a user account with administrator privlleges, and one without.) Windows 2K 5.00.2195 SP 2 Hotfixes current. kam ----- Original Message ----- From: "Mark Saum" <msaum () fidelisconsulting com> To: <VULN-DEV () securityfocus com> Sent: Saturday, July 28, 2001 4:37 PM Subject: RE: bug w2k
I've verified this to work on Win2K Pro SP2. It took 3 F7s and my system hard-booted as if I had hit the reset button. On a Win2K Server SP2 on a terminal session (administrator mode) it
doesn't
crash the box. However: - You can create a "cmd.exe" session that is unkillable - You can't log off that session - You can't kill that session or "cmd.exe" process from the console (taskmgr.exe) - You can't log the user off from Terminal Services Manager - You can't create another instance of "cmd.exe" in that terminal session - A reboot is required to kill the session. Regards, Mark Saum Fidelis Consulting Corporation Dallas, TX -----Original Message----- From: SIFFREDI DANIEL [mailto:DSIFFREDI () nacion-afjp com ar] Sent: Friday, July 27, 2001 2:45 PM To: 'bugtraq () securityfocus com' Subject: bug w2k Hello, this is a new bug found in W2K in all flavors, works with all
levels
of users. Here is the proof of concept: Open a Cmd Window Ping to any host (for example ping 10.100.2.1 preferred a host in your
LAN),
no switch needed. Just ping Now press F7 and Enter (try a couple of times quickly...less than ten ,
and
you can see what a meaning) The machine reboots, from nothing a warm reboot. Please let me know if you have the same bug. I tried this in W2k sp2
English
and Spanish. Daniel Siffredi Administrador de Red de Microinformatica. Nacion AFJP SA
Current thread:
- RE: bug w2k Mark Saum (Jul 30)
- Re: bug w2k Blue Boar (Jul 30)
- Re: bug w2k ANdrei (Jul 30)
- Re: bug w2k Robert Kinsey - VIS Contractor (Jul 30)
- Re: bug w2k kam (Jul 30)
- RE: bug w2k Eugene Bodenstein (Jul 31)
- <Possible follow-ups>
- RE: bug w2k Jon Westmuckett (Jul 30)
- Re: bug w2k ANdrei (Jul 30)
- Re: bug w2k jan (Jul 30)
- Re: bug w2k cdowns (Jul 30)
- Re: bug w2k Nexus (Jul 30)
- Re: bug w2k ANdrei (Jul 30)
- Re: bug w2k Przemyslaw Frasunek (Jul 30)
- Re: bug w2k stefmit (Jul 30)
- RE: bug w2k Corwin, George (Jul 30)
- RE: bug w2k Edwin Concepcion (Jul 30)
(Thread continues...)
- Re: bug w2k Blue Boar (Jul 30)