Pragma Systems response to USSRLabs report

From: Ussr Labs (labsat_private)
Date: Wed Feb 23 2000 - 12:50:50 PST

Next message: Pauli Ojanpera: "Re: Wordpad vulnerability, exploitable also in IE for Win9x"

Previous message: Alfred Huger: "Local / Remote Exploiteable Buffer Overflow Vulnerability in"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pragma Systems response to USSRLabs report

On February 22, 2000, Pragma Systems received an anonymous email
regarding a security issue reported to NT Security News, hosted by
Windows 2000 magazine, with our InterAccess TelnetD Server 4.0 for
NT. We took immediate action to determine if a problem existed. After
researching the report and the company reporting the issue, USSRLabs,
we have determined that a possible problem could exist.

We have been unable to duplicate the problem with the January 5, 2000
Build 7 release available from our site. We have tested our server
installed on NT4 SP5, Windows 2000 Build 2128, and NT4 SP 6a. From
the USSRLabs website, we have discovered that they tested with Build
4, build date of May 4, 1998, and did not complete the testing with
the latest version to determine if the problem had been fixed. Please
note, that this company did report the problem as occuring with a
build nearly 2 years old. We do not have any information about what
type of system USSRLabs did their testing on.

The reported problem results in a 100% CPU usage. From our experience
this is caused by a Winsock error during a recv() call. It is
possible that this error would only occur on systems running the
Service packs with winsock updates. Pragma Systems has requested
testing procedures from USSRLabs to verify if a service pack update
was attempted to solve the problem. At this time, we have little
information about how this result was produced.

Solutions to this problem are to update service packs and InterAccess
TelnetD Server 4.0 to the latest build.

For any further information on our testing and available updates,
contact Beth Henry, Software Project Lead, at bethlhat_private

Thank you for taking the time to research this issue for yourself.

Pragma Systems, Inc.
13706 Research Blvd, #301
Austin, TX 78750
(512) 219-7270
pragmaat_private

from http://www.pragmasys.com/USSR_response.htm
- ----------------------------------------------------------------------
- ----------------------------------------------------

Appear the people of Pragma Systems, no undertand what is the real
problem, the exploit (from us), made 100% usage, there are no
problems in winsock or services pack.

The program TelnetD have the problem in the implementation of the
recv , who have a unchecked buffer, who cause a buffer overflow.

u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c
h
http://www.ussrback.com


-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>

iQA/AwUBOLRIKdybEYfHhkiVEQLMfgCfbwI2z1fgQHWxwlwK0C12/hDS1w8Anip+
4iYqngt3kvT9GtotTMVtJfT3
=t1KQ
-----END PGP SIGNATURE-----

Next message: Pauli Ojanpera: "Re: Wordpad vulnerability, exploitable also in IE for Win9x"
Previous message: Alfred Huger: "Local / Remote Exploiteable Buffer Overflow Vulnerability in"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:36:56 PDT