A bug Oliver privately reported (with more information and a repro program) was one of the ones fixed by the patch; it also fixed another one that I don't believe was reported (but since I was wrong about his...). I didn't realize he had posted a report about it to BUGTRAQ. I didn't want to mention his name without his permission. I'll gladly credit the other guy too, if he says its OK (I've sent mail). In any case, what I was really thinking and could have said better was that there was no publically released exploit. People worried about NT DOS attacks should also look at the LSA-FIX from last June. It fixed the problems mentioned by Paul Ashton in the archived message. > ---------- > From: Aleph One[SMTP:aleph1at_private] > Sent: Friday, February 13, 1998 6:41 PM > To: Paul Leach > Cc: BUGTRAQat_private > Subject: Re: Fix for SMB DOS attack posted > > On Fri, 13 Feb 1998, Paul Leach wrote: > > > A hot-fix for a DOS attack on NT file servers that had not been > previously > > publically known has been posted. The following is the KB article on the > > fix. > > > > DOCUMENT: Q180963 > > TITLE :Denial of Service Attack Causes Windows NT Systems to Reboot > > PRODUCT :Microsoft Windows NT > > PROD/VER:4.00 > > OPER/SYS:WINDOWS > > KEYWORDS:kbbug4.00 kbfix4.00 NTSrv ntstop > > Well it would seem some folks have found the problem (or something > similar) before as Oliver Friedrichs from Secure Networks hinted at back > in October on the NTBugTraq mailing list. > > http://listserv.ntbugtraq.com/SCRIPTS/WA-NTBT.EXE?A2=ind9710&L=ntbugtraq&m > =791&P=4201 > > Maybe the secnet folks would like to discuss some of their findings. > > Aleph One / aleph1at_private > http://underground.org/ > KeyID 1024/948FD6B5 > Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01 > >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:42:42 PDT