Bugtraq mailing list archives
NetBus client 1.x overflow
From: bugtraqmail () GMX DE (Daniel Rosowski)
Date: Mon, 22 Feb 1999 22:43:56 +0100
Hello all you bugtraq"ers" out there, I don't know if this is already known, if so please excuse my post. When I was experimenting with the remote administration tool NetBus 1.x client I found something interesting. I set up netcat (TCP/IP tool, at www.l0pht.com) to send a file 700kb of size to every host that connects to my port 12345. When I connected with the NetBus client to the localhost, NetBus crashed about three seconds later. I tried that on a dialup connection with a friend and it worked, too. The new NetBus 2.0 Pro is not affected by the overflow, it cuts the connection when it doesn't recognize the NetBus server message. I don't have any suggestion how to fix the problem other than not to use it:-) Daniel Rosowski --- Sent through Global Message Exchange - http://www.gmx.net
Current thread:
- Re: Pro/wuFTPD DoS, (continued)
- Re: Pro/wuFTPD DoS CyberPsychotic (Feb 17)
- Re: Pro/wuFTPD DoS CyberPsychotic (Feb 19)
- Re: Pro/wuFTPD DoS Chris Wedgwood (Feb 20)
- Process table attack (from RISKS Digest) Mark Boolootian (Feb 20)
- LSOF exploit c0nd0r (Feb 21)
- Re: Process table attack (from RISKS Digest) Olle Segerdahl,D (Feb 22)
- Re: Process table attack (from RISKS Digest) Jan B. Koum (Feb 22)
- ANNOUNCE: Net::RawIP 0.06 has been released Sergey V. Kolychev (Feb 22)
- Summary: Copyright on Security advisories Aviram Jenik (Feb 22)
- Re: Process table attack (from RISKS Digest) Dug Song (Feb 22)
- NetBus client 1.x overflow Daniel Rosowski (Feb 22)
- Re: Process table attack (from RISKS Digest) James Lockwood (Feb 22)
- Re: Process table attack (from RISKS Digest) Dirk Moerenhout (Feb 22)
- Re: Process table attack (from RISKS Digest) unknown () RIVERSTYX NET (Feb 22)
- Re: Process table attack (from RISKS Digest) Andrew Hobgood (Feb 22)
- Denial of service process table attacks John Conover (Feb 23)
- Group kmem exploitable? Oliver Xymoron (Feb 23)
- Re: Pro/wuFTPD DoS Alex Belits (Feb 21)
- Re: Pro/wuFTPD DoS Chris Wedgwood (Feb 20)
- ISS install.iss security hole Fyodor (Feb 20)
- Re: ISS install.iss security hole Joel Eriksson (Feb 22)
- Preventing remote OS detection Patrick Gilbert (Feb 22)