Bugtraq mailing list archives
RE: bug w2k
From: "CJ Oakwood" <cj_oakwood () yahoo com>
Date: Sat, 28 Jul 2001 21:02:25 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 STOP, Fatal Error blue screen that appeared briefly That is your BSOD. This is a Kernel Mode Break. Please send me the *.dmp file, and I will try and see what happened, and what driver was effected. (If the file is massive, please share it out on a website/ftp Server, and I'll download it that way. Another way to catch this to run NTSD on cmd.exe or attach a Kernel Debugger to the system. If this is really a KD break, you will catch it and be able to debug it in real time. (Same with ntsd if it is a user break). CJ - -----Original Message----- From: Carl Livitt [mailto:carl () ititc com] Sent: Saturday, July 28, 2001 03:25 To: bugtraq () securityfocus com Subject: Re: bug w2k
Just ping Now press F7 and Enter (try a couple of times quickly...less than ten , and you can see what a meaning) The machine reboots, from nothing a warm reboot.
Confirmed on Win2K Pro SP2, English. The reboot would not happen when there was no ping process. As soon as a ping was in progress, *boom*. I did notice there was a STOP, Fatal Error blue screen that appeared briefly, but I could not catch what it said before the machine rebooted. Perhaps someone else will have more luck? Does anyone know: is the F7 key (used in CMD.EXE as to bring up a most-recently-used command list) implemented in kernel or user space? If its in user space, then this is a doubly worrying bug as it hints that it would be possible for a non-privileged user to write code that could cause a BSOD and reboot. If it's in kernel space, well I just hope that this situation is not caused by an unchecked buffer.... Carl Livitt Code Monkey IT in the Community England - -- Free Dmitry! http://www.boycottadobe.com _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> Comment: Go to http://4.60.71.222/public/ for public key iQA/AwUBO2OK0a+nyPk9PHN7EQLPxgCg01zpdV3lEMnvjmQDLUwv6HdQEfwAniB+ Rl4ZXbpv23cnZjVgR8aPWxYA =P8oa -----END PGP SIGNATURE----- _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com
Current thread:
- bug w2k SIFFREDI DANIEL (Jul 28)
- Re: bug w2k BrainMast (Jul 28)
- Re: bug w2k Carl Livitt (Jul 28)
- RE: bug w2k CJ Oakwood (Jul 28)
- Re: bug w2k Ovidiu Muntean (Jul 28)
- Re: bug w2k - more followup Carl Livitt (Jul 28)
- RE: bug w2k - more followup Mark L. Jackson (Jul 28)
- Re: bug w2k Nate Amsden (Jul 28)
- RE: bug w2k dave (Jul 29)
- <Possible follow-ups>
- RE: bug w2k Kevin Thayer (Jul 28)
- RE: bug w2k Linn Boyd (Jul 28)
- RE: bug w2k Jonathan Rickman (Jul 28)
- RE: bug w2k Forrest J Cavalier III (Jul 28)
- RE: bug w2k Steven Evans (Jul 29)
(Thread continues...)