Dailydave mailing list archives
Re: information about Microsoft Windows PnP Denial of Service (16/11/2005) Bugtraq ID: 15460 (security focus)
From: Pusscat <pusscat () gmail com>
Date: Mon, 20 Feb 2006 10:30:57 -0500
It looks like your stub data is incorrect for the call here. Check the MIDL and make sure that you're sending the right amount and format. I don't really remember off the cuff what error number this relates to, but I'd guess it's 6c6 or something like that. Make sure that you've got an NDR long before your string if it's marked unique, and that your strings are in proper NDR format as well.

While the DoS condition does exist on XPSP2, it doesn't seem possible to crash the machine like on win2k. Also, it's very difficult to consume more than 60% of the size of the allowable swap file. This DoS condition can be found in almost all DLLs with remoted function calls.

On 2/18/06 6:08 AM, "falconepippo () libero it" <falconepippo () libero it> wrote:
> Hi, I'm an Italian student studying the Microsoft Windows PnP Denial of Service (16/11/2005) Bugtraq ID: 15460 on the site securityfocus.com! I have some problems testing the exploit PnPDoS realized by Winny Thomas. This is a test on Windows 2000 Server SP3:
>
> Memory leak when sending upnp_getdevicelist request
> [*] Resolving 192...: OK
> [*] Sending SMB Negotiate request: OK
> [*] Sending Null Session request: OK
> [*] Sending Null Session request: OK
> [*] Sending Tree Connect request: OK
> [*] Sending NT Creat AndX request: OK
> [*] Sending DCE RPC Bind UPNPMGR request: OK
> [*] UPNPMGR upnp_getdevicelist request: nca_s_fault_ndr
>
> Why this error? How can I resolve it?
>
> Why, when I test Windows XP with or without SP1, is the error displayed on Ethereal:
>
> DCERPC Bind_ack: call_id: 0 Provider rejection, reason: Abstract syntax not supported
>
> Why this error?
>
> I have read that Dave Aitel has realized an exploit on Windows XP SP2, and visiting the list on Daily Dave I have read that there exists an rpc_srvsvc_mmallocdos.rar that realized this! Is it possible to obtain this or information about the correction on PnPDoS etc...?
>
> Thanks.
~ Puss
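
Added example, not part of either message and not code from the tool discussed: a strict decoder for the layout the reply refers to, a `[unique, string]` wide string in little-endian NDR stub data (4-byte referent ID, then max count, offset, actual count, then the characters), useful for checking captured stub bytes when a server answers with an NDR fault. The function name, the sample bytes and the strict offset check are assumptions of this example.

```python
import struct

class NdrError(ValueError):
    """Stub data does not follow the expected NDR layout."""

def parse_unique_wstring(stub: bytes, pos: int = 0):
    """Decode a [unique, string] wchar_t* from little-endian NDR stub data.

    Returns (value_or_None, next_offset); raises NdrError on malformed input.
    """
    def u32(at):
        if at + 4 > len(stub):
            raise NdrError(f"truncated at offset {at}")
        return struct.unpack_from("<I", stub, at)[0]

    pos = (pos + 3) & ~3              # pointers are 4-byte aligned
    referent_id = u32(pos)            # the "NDR long" in front of the string
    pos += 4
    if referent_id == 0:              # null unique pointer: nothing follows
        return None, pos

    max_count, offset, actual = u32(pos), u32(pos + 4), u32(pos + 8)
    pos += 12
    if offset != 0:                   # assumption: strict check, strings start at 0
        raise NdrError("string offset must be 0")
    if actual == 0 or actual > max_count:
        raise NdrError(f"bad counts: actual={actual} max={max_count}")
    end = pos + 2 * actual            # counts are in 16-bit characters
    if end > len(stub):
        raise NdrError("actual count runs past end of stub data")
    chars = stub[pos:end]
    if chars[-2:] != b"\x00\x00":     # the count includes the terminator
        raise NdrError("string is not NUL-terminated")
    return chars[:-2].decode("utf-16-le"), (end + 3) & ~3

# Constructed sample: referent ID, max=4, offset=0, actual=4, then "ABC\0".
GOOD = struct.pack("<IIII", 0x00020000, 4, 0, 4) + "ABC\0".encode("utf-16-le")
# Same string with the leading referent ID left out: every field shifts by 4.
MISSING_REFERENT = GOOD[4:]

if __name__ == "__main__":
    print(parse_unique_wstring(GOOD))
    try:
        parse_unique_wstring(MISSING_REFERENT)
    except NdrError as exc:
        print("rejected:", exc)
```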