I don't really see how this is even close to a security issue since you weren't able to do a repair or work on the problem at all. I'd assume a generic lsass problem. If it still happened after a repair/reapplication of the service pack, I *might* consider something sinister. Do a search for lsass on MSDN - bugs are *rampant*.

Not saying you're wrong, but don't assume zebra when it's most likely a horse.

-----Original Message-----
From: Bob Fryer [mailto:efryerat_private]
Sent: Wednesday, November 28, 2001 12:26 AM
To: incidentsat_private
Subject: Windows XP - Still has a Windows NT4 DoS hangover?

Mailer: SecurityFocus

Whilst in-depth analysis could not be done (unit was sent back to vendor to be rebuilt), it appears that Windows XP has a similar exploit as Windows NT4. See http://hypoclear.cjb.net/hypo_nt_dos.txt

Windows XP Home was running happily for a few weeks and as of yesterday would not allow the machine to boot up, complaining of an 'ISASS.EXE' error and then rebooting itself.

Trying the repair options after booting off CDROM resulted in being asked for the administrator password, of which none has been set, by either the user or the original vendor, but refused to allow blank (default) or any that were tried. The vendor confirmed that they do not set it at all.

There was a short timeframe where personal firewall software or virus software was not available, so a suspicion arises that the user was attacked via the internet during that time.

Anyone else had any involvement with this problem?

Regards
Bob Fryer

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Nov 28 2001 - 09:21:47 PST