Bugtraq mailing list archives

NetBus client 1.x overflow

From: bugtraqmail () GMX DE (Daniel Rosowski)
Date: Mon, 22 Feb 1999 22:43:56 +0100


Hello all you bugtraq"ers" out there,

I don't know if this is already known, if so please excuse my post.

When I was experimenting with the remote administration tool     NetBus
1.x client I found something interesting. I set up netcat (TCP/IP tool, at
www.l0pht.com) to send a file 700kb of size to every host that connects to my
port 12345. When I connected with the NetBus client to the localhost, NetBus
crashed about three seconds later.
I tried that on a dialup connection with a friend and it worked, too.
The new NetBus 2.0 Pro is not affected by the overflow, it cuts the
connection when it doesn't recognize the NetBus server message.
I don't have any suggestion how to fix the problem other than not to use
it:-)

Daniel Rosowski
---
Sent through Global Message Exchange - http://www.gmx.net

Current thread:

Re: Pro/wuFTPD DoS, (continued)
- - Re: Pro/wuFTPD DoS CyberPsychotic (Feb 17)
- Re: Pro/wuFTPD DoS CyberPsychotic (Feb 19)
  - Re: Pro/wuFTPD DoS Chris Wedgwood (Feb 20)
    - Process table attack (from RISKS Digest) Mark Boolootian (Feb 20)
    - LSOF exploit c0nd0r (Feb 21)
    - Re: Process table attack (from RISKS Digest) Olle Segerdahl,D (Feb 22)
    - Re: Process table attack (from RISKS Digest) Jan B. Koum (Feb 22)
    - ANNOUNCE: Net::RawIP 0.06 has been released Sergey V. Kolychev (Feb 22)
    - Summary: Copyright on Security advisories Aviram Jenik (Feb 22)
    - Re: Process table attack (from RISKS Digest) Dug Song (Feb 22)
    - NetBus client 1.x overflow Daniel Rosowski (Feb 22)
    - Re: Process table attack (from RISKS Digest) James Lockwood (Feb 22)
    - Re: Process table attack (from RISKS Digest) Dirk Moerenhout (Feb 22)
    - Re: Process table attack (from RISKS Digest) unknown () RIVERSTYX NET (Feb 22)
    - Re: Process table attack (from RISKS Digest) Andrew Hobgood (Feb 22)
    - Denial of service process table attacks John Conover (Feb 23)
    - Group kmem exploitable? Oliver Xymoron (Feb 23)
    - Re: Pro/wuFTPD DoS Alex Belits (Feb 21)
  - ISS install.iss security hole Fyodor (Feb 20)
    - Re: ISS install.iss security hole Joel Eriksson (Feb 22)
    - Preventing remote OS detection Patrick Gilbert (Feb 22)

(Thread continues...)