[10392] in bugtraq

Re: NT/Exceed D.O.S.

daemon@ATHENA.MIT.EDU (Jamie Lawrence)
Thu Apr 29 18:32:57 1999

Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Message-Id: <4.1.19990429115217.04e717b0@mail.thirdage.com>
Date: 	Thu, 29 Apr 1999 11:54:14 -0700
Reply-To: Jamie Lawrence <jal@THIRDAGE.COM>
From: Jamie Lawrence <jal@THIRDAGE.COM>
X-To:         Matt Wilbur <matt@PHOTON.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <BB58273654DCD0118EB9006097B5310E17162E@vetix>

I couldn't reproduce either effect with Exceed 6.1 under NTsp3.
Everything behaved normally, both for new and existing sessions.

-j

At 01:57 PM 4/28/99 -0700, Matt Wilbur wrote:
>Exceed (an X server, not an X emulator) version 6.0.1.0 on NT appears to
>have fixed this problem, somewhat...
>
>Telnetting to port 6000 locks the server up for 20-30 seconds, but it
>recovers eventually.  Not surprisingly, using netcat has the same effect...
>although, contrary to Chris's findings with Exceed 5, I didn't need to send
>any garbage characters, the connection alone did the job.  Also, it works
>from any host, not just the one the xdm session had been initiated with,
>regardless of host access settings in Xconfig, Exceed's "configuration" tool.
>
>
>I'd still consider this DoS-bait, when you imagine a one-liner to
>continuously connect to port 6000 of your favorite Exceed user's machine.
>
>Matt Wilbur
>
>[snip]
>>
>> This is regarding Hummingbird's Exceed X emulator v5 (and possibly v6)
>> running on Windows NT.  I haven't tested Win95/98.
>>
>> The Exceed X server allows inbound TCP connections on port
>> 6000 from the XDM host.  If someone uses telnet from the XDM host to
>> connect to a PC running Exceed on port 6000 and enters any garbage
>> text, the X server will hang and the Exceed session is frozen for good.
>>
>> I have notified Hummingbird via their tech support web site
>> but have not received a response yet.
>>
>> Chris LaFournaise
>> cjlafournaise@escocorp.com
>>
