Re: oshare testing

[aleph1 () UNDERGROUND ORG (Aleph One)]

A summary of the replies from people testing the oshare program against
different versions of Windows:

Reported Vulnerable  (Crash):

Windows 95              Nicu Pavel <panic () radiohit ro>
Windows 95              "C.J. Oster" <lordvadr () pobox com>
Windows 95 + USB        kpavlov () srgtampa com
Windows 95 OSR2         Nicu Pavel <panic () radiohit ro>
Windows 95 Japanese     sen_ml () eccosys com
Windows 95 DK attack from Linux 2.2.0, 2.0.36 and SunOS 4.1.4           nino () inform dk
Windows 95 UK attack from Linux 2.2.0, 2.0.36 and SunOS 4.1.4           nino () inform dk
Windows 98              Nicu Pavel <panic () radiohit ro>
Windows 98              maniac () JADIERKO LOCALHOST SK
Windows 98 Japanese     sen_ml () eccosys com
Windows 98 UK attack from Linux 2.2.0, 2.0.36 and SunOS 4.1.4           nino () inform dk

Reported Vulnerable (Frozen, no BSOD):

Windows 98 4.10.1998 all windowsupdate patches. Launched attack from Linux.     "Keith Warno" <keith.warno () iname com>

Reported Vulnerable (Frozen until packets stop):

Windows 98              "C.J. Oster" <lordvadr () pobox com>
Windows 98              Vanja Hrustic <vanja () SIAMRELAY COM>

Reported Not Vulnerable:

Windows 98 English              sen_ml () eccosys com
Windows 98 tested from Linux    tsd () Cal001307 student utwente nl     
Window NT 4.0 SP3               maniac () JADIERKO LOCALHOST SK
Windows NT 4.0 SP4 Japanese     sen_ml () eccosys com
Linux 2.0.36                    maniac () JADIERKO LOCALHOST SK

Someone also mentioned that Linux (2.0.36) replaces the ip total length
field with 40, the actual ip-packet length (as seen by pcap).


--
Aleph One / aleph1 () underground org
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01