[13853] in bugtraq
Re: Timbuktu Pro 2.0b650 DoS
daemon@ATHENA.MIT.EDU (Dale Whitchurch)
Tue Feb 15 18:21:23 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.10002142058220.11062-100000@piglet.clemson.edu>
Date: Mon, 14 Feb 2000 20:59:58 -0500
Reply-To: Dale Whitchurch <dalew@CLEMSON.EDU>
From: Dale Whitchurch <dalew@CLEMSON.EDU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <4.2.0.58.20000211204020.00994c00@194.98.103.230>
Hello,
This problem also exists on 5.2.1 on the Macintosh platform.
Regards,
DaleW
On Fri, 11 Feb 2000, Laurent LEVIER wrote:
> Cheers,
>
> I found a Timbuktu Pro (Remote Control NT Tool) vulnerability.
>
> Concerned product : Timbuktu Pro 2.0b650 on Windows NT 4.0 until sp5
>
> "Exploit" is :
>
> - Connect and disconnect on port TCP/407 to make port TCP/1417 listening
> - Connect on port TCP/1417 with a simple telnet.
> - Disconnect from TCP/1417 (no data exchange).
>
> Authentication protocol waits indefinitely.
>
> This brings Timbuktu Remote Control Denial-of-Service on control. Physical
> contact is then needed to restart it.
>
> Solution to get back operational:
> - Kill timbuktu process (using pslist/pskill for example)
> - Stop Timbuktu services
> - Start them again.
>
> Patches:
> Not yet
>
> Netopia is now aware of this.
>
> Best regards
>
>
> Laurent LEVIER
> IT Systems & Networks, Unix System Engineer
> Security Specialist
>
> Argosnet Security Server : http://www.Argosnet.com
> "Le Veilleur Technologique", "The Technology Watcher"
>
=========================================================
Dale Whitchurch
Server Administrator
Clemson SC 29634
dalew@clemson.edu
=========================================================
I have a catapult. Unless you give me all your money,
I will hurl an enormous rock at your head.
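
A monitoring-side view of the sequence described in the quoted report, as an added example that is not part of either message: it scans flow records for a TCP/1417 session that carried no payload shortly after a TCP/407 connection from the same client. The record format, the addresses, the 60-second window and all function and constant names are assumptions made for illustration.

```python
import csv
import io

# Constructed sample flow records (not from the original post):
# start time in seconds, client, server, server port, payload bytes each way.
SAMPLE_FLOWS = """\
ts,src,dst,dport,bytes_c2s,bytes_s2c
100,10.0.0.5,10.0.0.20,407,0,0
101,10.0.0.5,10.0.0.20,1417,0,0
200,10.0.0.7,10.0.0.20,407,64,128
201,10.0.0.7,10.0.0.20,1417,2048,9000
300,10.0.0.9,10.0.0.21,1417,0,0
400,10.0.0.8,10.0.0.22,407,0,0
900,10.0.0.8,10.0.0.22,1417,0,0
"""

TRIGGER_PORT = 407    # port number from the post; the constant name is illustrative
SESSION_PORT = 1417   # port number from the post; the constant name is illustrative


def parse_flows(text):
    """Parse the CSV flow export into dicts sorted by start time."""
    rows = []
    for r in csv.DictReader(io.StringIO(text)):
        rows.append({
            "ts": int(r["ts"]), "src": r["src"], "dst": r["dst"],
            "dport": int(r["dport"]),
            "payload": int(r["bytes_c2s"]) + int(r["bytes_s2c"]),
        })
    return sorted(rows, key=lambda f: f["ts"])


def find_empty_control_sessions(flows, window=60):
    """Flag 1417 sessions with no payload that follow a 407 connection
    from the same client to the same host within `window` seconds."""
    last_trigger = {}   # (src, dst) -> time of the latest 407 connection
    alerts = []
    for f in flows:
        key = (f["src"], f["dst"])
        if f["dport"] == TRIGGER_PORT:
            last_trigger[key] = f["ts"]
        elif f["dport"] == SESSION_PORT and f["payload"] == 0:
            seen = last_trigger.get(key)
            if seen is not None and f["ts"] - seen <= window:
                alerts.append((f["ts"], f["src"], f["dst"]))
    return alerts


if __name__ == "__main__":
    for ts, src, dst in find_empty_control_sessions(parse_flows(SAMPLE_FLOWS)):
        print(f"t={ts} {src} -> {dst}:{SESSION_PORT} closed with no data")
```

An alert for a host is a cue to check whether its remote-control service still answers, since the report says recovery needs a process kill and service restart.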