[12175] in bugtraq


Re: MicroImages MIX X Server

daemon@ATHENA.MIT.EDU (Marcus Post)
Fri Oct 8 18:08:16 1999

Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id:  <000201bf104c$bea33870$2e2b21a6@qmw135.mcit.com>
Date:         Wed, 6 Oct 1999 16:47:18 -0600
Reply-To: marcus.post@wcom.com
From: Marcus Post <marcus.post@WCOM.COM>
X-To:         BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <37FA421A.6E9A22AE@atg.com>

Are you certain this is crashing the remote server? Telnetting in and sending
gibberish will have the server close the connection, just the same as
telnetting into a non-telnet port and typing gibberish (UUCP, SMTP, Kerberos,
FTP, etc. IIRC) will do.

#1 Are there any kind of error messages, crash messages, etc., on the host
machine? The message given was solely on the remote machine trying to telnet
in. What's happening with the server?

#2 Can you check to be certain that the server is using 6000 for its remote
X sessions?

#3 Have you tried connecting with an X client to this server the usual way
after 'crashing' it this way?

I find it hard to believe based solely on this telnet log that the server
actually went down.

Marcus

-----Original Message-----
From: Bugtraq List [mailto:BUGTRAQ@SECURITYFOCUS.COM]On Behalf Of Jim Frost
Sent: Tuesday, October 05, 1999 12:23 PM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Re: MicroImages MIX X Server


Jan Szumiec wrote:
> I don't know whether anyone wrote about this, so here it goes.
>
> It is possible to bring down the XServer remotely ...
>
> $ telnet 192.168.1.2 6000
> Connected to 192.168.1.2
> Escape character is ^[
> djkfhgjksdhgjklhgjklsdhgjklehrslhgsd
> Connection closed by remote host.
> $
>
> Basically, telnetting into port 6000 of the server and typing in random
> gibberish brings it down.

Is the server xhost + or not?  Might make a difference.

jim
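
The check raised in question #3 and in the xhost question, as an added example that is not part of the original thread: a well-formed X11 connection setup request is sent and the server's first reply is classified, which separates "closed the connection", "refused by access control" and "not answering at all". The function names and the sample refusal string are constructed for illustration.

```python
import socket
import struct

# X11 client setup request: little-endian ('l'), protocol 11.0, no auth data.
SETUP_REQUEST = struct.pack("<BxHHHHxx", 0x6C, 11, 0, 0, 0)
STATUS = {0: "failed", 1: "success", 2: "authenticate"}

# Constructed sample: a "Failed" reply as sent when host access control refuses us.
_REASON = b"Client is not authorized to connect to Server"
_WORDS = (len(_REASON) + 3) // 4
SAMPLE_FAILED = (struct.pack("<BBHHH", 0, len(_REASON), 11, 0, _WORDS)
                 + _REASON.ljust(_WORDS * 4, b"\0"))


def classify_setup_reply(data: bytes) -> dict:
    """Interpret the first bytes a server returns after SETUP_REQUEST."""
    if not data:
        # The peer accepted TCP and then closed: it was running when we connected.
        return {"state": "closed-without-reply", "reason": ""}
    if len(data) < 8 or data[0] not in STATUS:
        return {"state": "not-x11", "reason": ""}
    status, reason_len, major, minor, extra_words = struct.unpack_from("<BBHHH", data)
    result = {"state": STATUS[status], "reason": ""}
    if status == 0:    # Failed: byte 1 holds the reason length
        result["protocol"] = (major, minor)
        result["reason"] = data[8:8 + reason_len].decode("latin-1")
    elif status == 1:  # Success: access control let this host in
        result["protocol"] = (major, minor)
    else:              # Authenticate: reason fills the extra 4-byte words
        result["reason"] = data[8:8 + 4 * extra_words].rstrip(b"\0").decode("latin-1")
    return result


def probe(host: str, port: int = 6000, timeout: float = 5.0) -> dict:
    """Run the handshake against a server you administer (display :0 = 6000)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        # Nothing is listening or the host is unreachable: the server may be down.
        return {"state": "no-listener", "reason": str(exc)}
    with sock:
        try:
            sock.sendall(SETUP_REQUEST)
            return classify_setup_reply(sock.recv(4096))
        except OSError as exc:
            return {"state": "io-error", "reason": str(exc)}


if __name__ == "__main__":
    print(classify_setup_reply(SAMPLE_FAILED))
```

Running `probe()` before and after the telnet test shows whether the listener survived; a "success" state with no authorization data means host-based access control is open to the probing machine.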
