Re: bug w2k

["kam" <kam () aversion net>]

I've been able to make it work using both an administrator account and a
non-administrator account. (That is, a user account with administrator
privlleges, and one without.)

Windows 2K 5.00.2195
SP 2
Hotfixes current.

kam


----- Original Message -----
From: "Mark Saum" <msaum () fidelisconsulting com>
To: <VULN-DEV () securityfocus com>
Sent: Saturday, July 28, 2001 4:37 PM
Subject: RE: bug w2k


> I've verified this to work on Win2K Pro SP2.  It took 3 F7s and my system
> hard-booted as if I had hit the reset button.
>
> On a Win2K Server SP2 on a terminal session (administrator mode) it
doesn't
> crash the box.  However:
>  - You can create a "cmd.exe" session that is unkillable
>  - You can't log off that session
>  - You can't kill that session or "cmd.exe" process from the console
> (taskmgr.exe)
>  - You can't log the user off from Terminal Services Manager
>  - You can't create another instance of "cmd.exe" in that terminal session
>  - A reboot is required to kill the session.
>
> Regards,
>
> Mark Saum
>
> Fidelis Consulting Corporation
> Dallas, TX
>
> -----Original Message-----
> From: SIFFREDI DANIEL [mailto:DSIFFREDI () nacion-afjp com ar]
> Sent: Friday, July 27, 2001 2:45 PM
> To: 'bugtraq () securityfocus com'
> Subject: bug w2k
>
>
> Hello, this is a new bug found in W2K in all flavors, works with all
levels
> of users.
>
> Here is the proof of concept:
>
> Open a Cmd Window
> Ping to any host (for example ping 10.100.2.1 preferred a host in your
LAN),
> no switch needed. Just ping
> Now press F7 and Enter (try a couple of times quickly...less than ten ,
and
> you can see what a meaning)
> The machine reboots, from nothing a warm reboot.
> Please let me know if you have the same bug. I tried this in W2k sp2
English
> and Spanish.
>
>
> Daniel Siffredi
> Administrador de Red de Microinformatica.
> Nacion AFJP SA