This seems to have been fixed at some point, connecting and/or spewing random data to exceedhost 6000-6010 has no discenrible effect on exceed 6.1.0 under win98 or NTsp4. A denial of service is still possible though: Exceed defaults to allowing 128 connections from the xdm host, but counts a telnet connection as though it were a connection from a valid X client. Once the max number of connections is reached, subsequent attempts to the X port range are refused. -- David Poythress dpat_private "Grammar, which controls even kings ..." --Moliere -----Original Message----- From: LaFournaise, Chris J. [mailto:cjlafournaiseat_private] Sent: Tuesday, April 27, 1999 15:29 To: BUGTRAQat_private Subject: NT/Exceed D.O.S. This is regarding Hummingbird's Exceed X emulator v5 (and possibly v6) running on Windows NT. I haven't tested Win95/98. The Exceed X server allows inbound TCP connections on port 6000 from the XDM host. If someone uses telnet from the XDM host to connect to a PC running Exceed on port 6000 and enters any garbage text, the X server will hang and the Exceed session is frozen for good. I have notified Hummingbird via their tech support web site but have not received a response yet. Chris LaFournaise cjlafournaiseat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:44:43 PDT