Bugtraq mailing list archives
Re: [NTSEC] CPU 100% Update (fwd)
From: ahuger () SECNET COM (Alfred Huger)
Date: Tue, 28 Jan 1997 16:27:31 -0700
On Tue, 28 Jan 1997, Aleph One wrote:
Finally, on the issue of NT DNS. There was a security advisory sent out by Secure Computing indicating that NT DNS could be exploited by sending
The advisory was released by Secure Networks Inc. *Not* Secure Computing.
results were that between DNS.EXE and SERVICES.EXE the CPU utilization was pegged at 100%.
The issue we released an advisory on was the NT DNS server choking and dying when it recieved a response for a query it never issued. The patch provided does not work.
these problems, but I should warn you that this is not a supported fix
Yep, it is in fact an usupported patch.
Given that DNS is one of the things that must be left open, the fact that it resolves the CPU 100% utilization problem from Telnet connections makes it a good fix in my book. I leave it to you to decide if you want to apply it or not. As yet, I have not seen a version for Alphas.
While the patch does not work for what *we* reported, it did seem to fix the 100% CPU usage problem. Cold comfort considering anyone, anywhere on the Internet can easilly *remove* your DNS server. /************************************************************************* Alfred Huger Phone: 403.262.9211 Secure Networks Inc. Fax: 403.262.9221 "Sit down before facts as a little child , be prepared to give up every preconcieved notion, follow humbly wherever and whatever abysses nature leads, or you will learn nothing" - Thomas H. Huxley **************************************************************************/
Current thread:
- [NTSEC] CPU 100% Update (fwd) Aleph One (Jan 28)
- Re: [NTSEC] CPU 100% Update (fwd) Alfred Huger (Jan 28)
- WinNT 4.0 and NT Backup Dave Beck (Jan 29)