[10387] in bugtraq
Re: NT/Exceed D.O.S.
daemon@ATHENA.MIT.EDU (Ian Westcott)
Thu Apr 29 14:52:10 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990428173900.A2088@iras-2-63.snrf01.pacbell.net>
Date: Wed, 28 Apr 1999 17:39:00 -0700
Reply-To: Ian Westcott <rakarra@PACBELL.NET>
From: Ian Westcott <rakarra@PACBELL.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <81E9F50848DAD211A2720008C7A463E7251FD6@pdxmail.escocorp.com>;
from LaFournaise, Chris J. on Tue, Apr 27,
1999 at 01:29:26PM -0700
On Tue, Apr 27, 1999 at 01:29:26PM -0700, LaFournaise, Chris J. wrote:
> This is regarding Hummingbird's Exceed X emulator v5 (and possibly v6)
> running on Windows NT. I haven't tested Win95/98.
>
> The Exceed X server allows inbound TCP connections on port 6000 from the XDM
> host. If someone uses telnet from the XDM host to connect to a PC running
> Exceed on port 6000 and enters any garbage text, the X server will hang and
> the Exceed session is frozen for good.
I just tested Exceed v6.0 under Win95, and it is vulnerable.
--
Ian Westcott | Fly away to a Rainbow in the sky.
ijwestcott@ucdavis.edu | Gold is at the end for each of us to find.
-==(UDIC)==- | There the road begins where another one will end.
Rakarra@FurryMUCK, IRC | Here the four winds know,
Dragon Code: DC.D f+ | Who will break and who will bend.
s- h- Cgold>Red a $ | All to be the Master of the Wind.
