RE: bug w2k

From: Corwin, George (George_Corwinat_private)
Date: Mon Jul 30 2001 - 10:55:07 PDT

Next message: Ross Lotharius: "RE: bug w2k"

Previous message: Joe Lyman: "RE: Win2k F7 history bug- BSOD info"
Next in thread: Ross Lotharius: "RE: bug w2k"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I followed the same procedure with TS in Admin mode and I was able to
terminate my session by closing TS Client.  I then logged in again and was
able to Kill the CMD.EXE session that was still running from my prior
TSClient session.  It didn't require me to reboot.

-----Original Message-----
From: Mark Saum [mailto:msaumat_private]
Sent: Saturday, July 28, 2001 5:38 PM
To: VULN-DEVat_private
Subject: RE: bug w2k

I've verified this to work on Win2K Pro SP2.  It took 3 F7s and my system
hard-booted as if I had hit the reset button.

On a Win2K Server SP2 on a terminal session (administrator mode) it doesn't
crash the box.  However:
 - You can create a "cmd.exe" session that is unkillable
 - You can't log off that session
 - You can't kill that session or "cmd.exe" process from the console
(taskmgr.exe)  
 - You can't log the user off from Terminal Services Manager
 - You can't create another instance of "cmd.exe" in that terminal session
 - A reboot is required to kill the session.

Regards,

Mark Saum

Fidelis Consulting Corporation
Dallas, TX

-----Original Message-----
From: SIFFREDI DANIEL [mailto:DSIFFREDI@nacion-afjp.com.ar] 
Sent: Friday, July 27, 2001 2:45 PM
To: 'bugtraqat_private'
Subject: bug w2k

Hello, this is a new bug found in W2K in all flavors, works with all levels
of users.

Here is the proof of concept:

Open a Cmd Window 
Ping to any host (for example ping 10.100.2.1 preferred a host in your LAN),
no switch needed. Just ping 
Now press F7 and Enter (try a couple of times quickly...less than ten , and
you can see what a meaning) 
The machine reboots, from nothing a warm reboot. 
Please let me know if you have the same bug. I tried this in W2k sp2 English
and Spanish.

Daniel Siffredi
Administrador de Red de Microinformatica.
Nacion AFJP SA

"WorldSecure" made the following
 annotations on 07/30/01 12:49:23
------------------------------------------------------------------------------

[INFO] -- Virus Manager:
This message was scanned with Network Associates Viper,
and no viruses were detected.

==============================================================================

Next message: Ross Lotharius: "RE: bug w2k"
Previous message: Joe Lyman: "RE: Win2k F7 history bug- BSOD info"
Next in thread: Ross Lotharius: "RE: bug w2k"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jul 30 2001 - 11:28:57 PDT