[19686] in bugtraq
Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS
daemon@ATHENA.MIT.EDU (=?iso-8859-1?Q?Peter_Gr=FCndl?=)
Fri Mar 16 15:22:00 2001
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Message-ID: <083e01c0ade9$5bc0c880$71002d0a@dk.defcomsec.com>
Date: Fri, 16 Mar 2001 08:18:54 +0100
Reply-To: =?iso-8859-1?Q?Peter_Gr=FCndl?= <peter.grundl@DEFCOM.COM>
From: =?iso-8859-1?Q?Peter_Gr=FCndl?= <peter.grundl@DEFCOM.COM>
X-To: Nelson Brito <nelson@secunet.com.br>
To: BUGTRAQ@SECURITYFOCUS.COM
The CON/CON didn't affect NT (not natively anyway). Windows NT and 2000 run
on different kernels than Win9x (if you can call those kernels?), and
dos-devices (AFAIK) are implemented virtually on NT/2000. A fully patched
Windows NT/2000 is still vulnerable to this attack if the host runs Mdaemon
< 3.5.6. Besides it's not a request for a dos-device inside a dos-device
(which is what triggered the old Win9x DoS.
Peter Gründl
Defcom Security
----- Original Message -----
From: "Nelson Brito" <nelson@secunet.com.br>
To: "Peter Gründl" <peter.grundl@DEFCOM.COM>
Cc: <BUGTRAQ@SECURITYFOCUS.COM>
Sent: Thursday, March 15, 2001 6:39 PM
Subject: Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS
[snip]
>
> I don't know, but it's a CON/CON old bug, isn't it?
>
> If you pacthed your NT Box, the app is not vulnerable to this BUG, isn't
it?
>
[snip]
