Vulnerability Development mailing list archives
Re: Naptha - New DoS
From: Ron DuFresne <dufresne () WINTERNET COM>
Date: Fri, 8 Dec 2000 10:43:20 -0600
Rather then spending all that time going from desktop to desktop to fix something others are going to unfix anyway, do as one should for these MN$ open ports and block 137-139 tcp and udp at the gateway/firewall. Saves time and monies. Thanks, Ron DuFresne On Fri, 8 Dec 2000, Lincoln Yeoh wrote:
At 11:34 PM 12/6/00 -0500, White Vampire wrote:Some affected operating systems: * Novell's Netware 5.0 with sp1 (Will not recover) * Linux (2.2.x .. others ?) (Unknown.. can recover sometimes?) * FreeBSD 4.0-REL (Can recover in short period) * Possibly others.. it is a rather widespread problem.Microsoft says that Windows 9x is affected if File and Printer sharing is enabled. http://www.microsoft.com/technet/security/bulletin/MS00-091.asp http://www.microsoft.com/technet/security/bulletin/fq00-091.aspThis vulnerability could only be exploited if TCP port 139 was open on the target machine. If the server service or File/Print sharing were disabled on a computer it would not be susceptible to this vulnerabilityHowever, I've noticed that even if file/print sharing is disabled, but Microsoft's "Client for Microsoft Networks" or "Microsoft Family Logon" is installed, Windows 9x still listens to port 139 and accepts connections. Does this still mean it can be affected? Is Microsoft's advisory accurate? Or do we still have to manually unbind port 139 or uninstall those Microsoft logon clients. Cheerio, Link.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Current thread:
- Re: Naptha - New DoS, (continued)
- Message not available
- Re: Naptha - New DoS White Vampire (Dec 09)
- Re: Naptha - New DoS rpc (Dec 09)
- Re: Naptha - New DoS Sebastian (Dec 10)
- Re: Naptha - New DoS Damian Menscher (Dec 10)
- Re: Naptha - New DoS Filipe Almeida (Dec 16)
- Re: Naptha - New DoS Bruno Morisson (Dec 17)
- Re: Naptha - New DoS Lincoln Yeoh (Dec 09)
- Re: Naptha - New DoS Michael H. Warfield (Dec 09)
- Re: Naptha - New DoS Jose Nazario (Dec 09)
- Re: Naptha - New DoS Ron DuFresne (Dec 09)
- Message not available
- Re: Naptha - New DoS Lincoln Yeoh (Dec 09)
- Re: Naptha - New DoS Simple Nomad (Dec 11)
- Re: Naptha - New DoS Dug Song (Dec 11)
- Re: Naptha - New DoS Stephane Aubert (Dec 12)
- Re: Naptha - New DoS AV (Dec 12)
- Re: Naptha - New DoS Damian Menscher (Dec 13)
- Re: Naptha - New DoS Ryan Permeh (Dec 15)
- Re: Naptha - New DoS Dug Song (Dec 15)