Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Service Pack 4 - Issues

From: aleph1 () DFW NET (Aleph One)
Date: Tue, 27 Oct 1998 11:02:06 -0600

---------- Forwarded message ----------
Date: Sat, 24 Oct 1998 23:53:34 -0600
From: Steve Manzuik <steve.manzuik () TELUS COM>
To: NTBUGTRAQ () LISTSERV NTBUGTRAQ COM
Subject: Re: [NTSEC] Service Pack 4 - Issues

Well, on my tests, with a Compaq laptop (my personal machine).

I installed SP3 plus the hotfixes especially the LSASS one.  I ran the LSASS
DoS attack and it did not work on the machine.  I then installed SP4 (40bit)
on the exact same machine and copy of NT, ran the same LSASS DoS attack and
it worked.  I have not tried the 128bit SP4 but I assume the results would
be the same.

On Monday, I will be back in my office and be able to go to the lab and try
this on more machines but, I suspect that my findings will be the same.

I emailed Microsoft two days ago but have not gotten a response as of yet.

                -----Original Message-----
                From:   Micheal Espinola Jr [mailto:micheale () ix netcom com]
                Sent:   Saturday, October 24, 1998 9:59 PM
                To:     'Steve Manzuik'
                Subject:        RE: [NTSEC] Service Pack 4 - Issues

                If what you say is true, then they have neglected to
incorporate the
                Lsa2-fix Hot Fix into Service Pack 4, or did so incorrectly.

                I hope that this is an isolated incidence.  Have you heard
otherwise?


+-------------------------------+-----------------------------------+
                | Micheal Espinola Jr           | Hardening NT 4 Security
Checklist |
                | NT Administrator              |
http://www.netcom.com/~honeyluv/  |
                | mailto:micheale () ix netcom com |
|

+-------------------------------+-----------------------------------+
                 "Views expressed by this individual may differ from your
own...
                                                   ...Reader discretion is
advised."


                | -----Original Message-----
                | From: owner-ntsecurity () iss net
[mailto:owner-ntsecurity () iss net]On
                | Behalf Of Steve Manzuik
                | Sent: Friday, October 23, 1998 3:21 PM
                | Cc: recipient list not shown: ;
                | Subject: [NTSEC] Service Pack 4 - Issues
                |
                |
                |
                | TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to
majordomo () iss net
                | Contact ntsecurity-owner () iss net for help with any
problems!
                |
--------------------------------------------------------------
                | -------------
                |
                | Hopefully someone can correct me if I am wrong here but,
is
                | it not safe to
                | assume that all of the previous "issues" that required a
MS
                | Hotfix would be
                | fixed with SP4?
                |
                | The reason I ask is because, just for the hell of it, I
                | installed SP4 40bit
                | then attempted a number of DoS attacks on my box.  The
only
                | one that worked
                | was the LSASS.EXE DoS attack.
                |
                | Can anyone else duplicate or confirm this?
                |
Previous By Date Next
Previous By Thread Next

Current thread: