G'day,

Anyone out there found an easy (script-kiddie) way to demonstrate this as a genuine vuln during a test? I've googled but can't find an exploit for this other than the text reading ...

----------------------=[Detailed Description]=------------------------

By creating a connection to the kerberos service and then disconnecting again, without reading from the socket, the LSA subsystem will leak memory. After about 4000 connections the kerberos service will stop accepting connections to tcp ports 88 (kerberos) and 464 (kpasswd) and all domain authentication will effectively have died (if the target was a domain controller). It requires a reboot to recover from the attack.

---------------------------=[Workaround]=-----------------------------

Since everyone on the list should know by now my programming abilities stopped at 'hello world', any pointers would be gratefully accepted.

Yours
Ian
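From the defending side, the pattern the advisory describes (many short-lived TCP connections to 88/464 that never read a reply) is easy to spot in connection logs well before the ~4000 mark. The detector below is an added example, not from the original post or the advisory; the log line format (`ts src dport bytes_from_server duration`) and the sample records are constructed for this illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

KERBEROS_PORTS = {88, 464}  # tcp/88 kerberos, tcp/464 kpasswd, as in the advisory


@dataclass
class Conn:
    ts: float                # epoch seconds at connection start
    src: str                 # client address
    dport: int               # server port
    bytes_from_server: int   # bytes the client actually read back
    duration: float          # seconds the socket stayed open


def parse_line(line: str) -> Conn:
    """Parse one connection-log record; the format is an assumption for this example."""
    ts, src, dport, rx, dur = line.split()
    return Conn(float(ts), src, int(dport), int(rx), float(dur))


def flag_sources(lines, window=60.0, threshold=200):
    """Return {src: peak_count} for sources that opened at least `threshold`
    zero-read connections to the Kerberos TCP ports inside any `window` seconds.
    The default threshold is far below the ~4000 the advisory reports, so the
    alert fires long before LSA is exhausted and the DC needs a reboot."""
    per_src = defaultdict(list)
    for line in lines:
        c = parse_line(line)
        if c.dport in KERBEROS_PORTS and c.bytes_from_server == 0:
            per_src[c.src].append(c.ts)
    flagged = {}
    for src, times in per_src.items():
        times.sort()
        lo, peak = 0, 0
        for hi, t in enumerate(times):      # sliding window over sorted start times
            while t - times[lo] > window:
                lo += 1
            peak = max(peak, hi - lo + 1)
        if peak >= threshold:
            flagged[src] = peak
    return flagged


# Constructed sample: one host hammering tcp/88 with connect-and-drop, one normal
# client that reads its replies, and one slow zero-read source below the threshold.
SAMPLE_LOG = (
    [f"{1000 + i * 0.1:.1f} 10.0.0.5 88 0 0.01" for i in range(250)]
    + [f"{1000 + i * 0.5:.1f} 10.0.0.7 88 1500 0.20" for i in range(300)]
    + [f"{1000 + i * 2.4:.1f} 10.0.0.9 464 0 0.01" for i in range(250)]
)

if __name__ == "__main__":
    print(flag_sources(SAMPLE_LOG))  # only 10.0.0.5 exceeds the window threshold
```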
This archive was generated by hypermail 2b30 : Wed Aug 06 2003 - 11:46:49 PDT