Strumpf Noir Society Advisories ! Public release ! <--# -= Denicomp REXECD/RSHD Denial of Service Vulnerability =- Release date: Thursday, May 3, 2001 Introduction: Denicomp's REXECD and RSHD products are ports of their counterparts on Unix-based systems, allowing the use of the rcp, rsh and rexec commands on machines running MS Windows. These products can be obtained through the vendors website at: http://www.denicomp.com Problem: There exists a problem in the port-handling code of mentioned products which exposes the services provided by these to a DoS attack. When a string of +/- 4300 bytes is sent to the listening port of the REXEC and/or RSH daemons (defaulting to the standard 512 and 514 ports), the service in question will die. A restart will be needed to regain full functionality. (..) Solution: Vendor has been notified and has verified this problem. New versions of these products will be released from the vendor's website shortly. Vulnerable: WINNT/WIN2K: Denicomp Winsock RSHD/NT v2.18.00 (Intel) Denicomp Winsock RSHD/NT v2.17.07 (DEC Alpha) Denicomp Winsock REXECD/NT v1.05.00 (Intel) Denicomp Winsock REXECD/NT v1.04.08 (DEC Alpha) Win95/98/ME: Denicomp Winsock RSHD/95 v2.18.03 Denicomp Winsock REXECD/95 v1.00.02 Earlier versions are expected to be vulnerable as well, users are encouraged to upgrade. yadayadayada Free sk8! (http://www.freesk8.org) SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html) compliant, all information is provided on AS IS basis. EOF, but Strumpf Noir Society will return!
This archive was generated by hypermail 2b30 : Fri May 11 2001 - 08:47:05 PDT