Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exec odeerror

From: Rob Terry <RTerry () EXCEL COM>
Date: Mon, 18 Dec 2000 17:09:15 -0600
I'm on SP6a and unable to make my system crash connecting to any of the 10xx
ports I've got open. When I successfully connect to 1028, I can shoot
anything I want at it, but i don't see a significant long term performance
changes or an indication that any process is bothered by the extra data.

My system doesn't have MSTASK.EXE installed on it, but from what I can see
this isn't an Windows NT file - it's one installed by IE 5 (I'm running
4.02, I'm at work and don't browse that much). A search of MS's KB for
mstask.exe just turned up two docs - one of them:

http://support.microsoft.com/support/kb/articles/Q221/7/81.ASP?LN=EN-US&SD=g
n&FR=0&qry=%26quot%3Bmstask.exe%26quot%3B&rnk=2&src=DHCS_MSPSS_gn_SRCH&SPR=M
SALL

Which lists the files installed by IE5, and the other a list of files
included with Win98SE, which contained IE5. I think what we might be looking
at here is an addition to the Win32 system, maybe tied to that enhanced IE
desktop GUI you don't have a choice about having when you install IE5. Maybe
it's something to do with the ability to add web items as objects within the
desktop, because I'm thinking that would have to add another level of object
communication that might be done in a fashion similar to X - connection via
internal TCP sockets. I'm not even 20% sure this is it, but whatever it is
it's not Windows NT's scheduler - that's ATSVC.EXE. I'll do some further
research, but as I'm not much of a coder and I'm really busy, someone out
there might want to use SysInternal's reg/filemon to see what objects are
being grabbed and go from there, if they can duplicate this error.



-----Original Message-----
From: John Herron [mailto:john.herron () RRC STATE TX US]
Sent: Friday, December 15, 2000 2:32 PM
To: BUGTRAQ () SECURITYFOCUS COM
Subject: Re: Vulnerability Report For Microsoft Windows NT 4.0
MSTask.execodeerror


Not sure why, but I'm trying it on any ports I have available (the ones
simular
to yours are 1026, 1028, and 1029.  1026 won't connect, 1029 won't connect
1028 does connect and accepts any data I shoot at it but it never crashes
and no processes even seem to notice my presence.  I'm running NT 4.0, SP5
also.  Is there a certain service you two are running?
Previous By Date Next
Previous By Thread Next

Current thread: