Bugtraq mailing list archives

RE: bug w2k


From: "CJ Oakwood" <cj_oakwood () yahoo com>
Date: Sat, 28 Jul 2001 21:02:25 -0700

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

STOP, Fatal Error blue screen that appeared briefly

That is your BSOD.  This is a Kernel Mode Break.  Please send me the
*.dmp file, and I will try and see what happened, and what driver was
affected.
(If the file is massive, please share it out on a website/ftp Server,
and I'll download it that way.)

Another way to catch this is to run NTSD on cmd.exe or attach a Kernel
Debugger to the system.  If this is really a KD break, you will catch
it and be able to debug it in real time.  (Same with ntsd if it is a
user break).

CJ

- -----Original Message-----
From: Carl Livitt [mailto:carl () ititc com] 
Sent: Saturday, July 28, 2001 03:25
To: bugtraq () securityfocus com
Subject: Re: bug w2k


Just ping
Now press F7 and Enter (try a couple of times quickly...less than
ten, and you can see what a meaning) The machine reboots, from
nothing a warm reboot.

Confirmed on Win2K Pro SP2, English. The reboot would not happen when
there was no ping process. As soon as a ping was in progress, *boom*.

I did notice there was a STOP, Fatal Error blue screen that appeared
briefly, but I could not catch what it said before the machine
rebooted. Perhaps someone else will have more luck?

Does anyone know: is the F7 key (used in CMD.EXE to bring up a
most-recently-used command list) implemented in kernel or user space?
If it's in user space, then this is a doubly worrying bug as it hints
that it would be possible for a non-privileged user to write code that
could cause a BSOD and reboot. If it's in kernel space, well I just
hope that this situation is not caused by an unchecked buffer....

Carl Livitt
Code Monkey
IT in the Community
England

- -- 
Free Dmitry!
http://www.boycottadobe.com


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>
Comment: Go to http://4.60.71.222/public/ for public key 

iQA/AwUBO2OK0a+nyPk9PHN7EQLPxgCg01zpdV3lEMnvjmQDLUwv6HdQEfwAniB+
Rl4ZXbpv23cnZjVgR8aPWxYA
=P8oa
-----END PGP SIGNATURE-----

