[21965] in bugtraq
RE: bug w2k
daemon@ATHENA.MIT.EDU (Kevin Thayer)
Sat Jul 28 23:15:19 2001
Message-ID: <40B463BB0147D411B7AB00D0B7475ADB03C56ADD@xchange.xpa1.x.com>
From: Kevin Thayer <kthayer@paypal.com>
To: "'SIFFREDI DANIEL'" <DSIFFREDI@nacion-afjp.com.ar>,
"'bugtraq@securityfocus.com'" <bugtraq@securityfocus.com>
Date: Sat, 28 Jul 2001 11:30:16 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Hello all,
I was able to reproduce this bug on the first try. However, the machine did
not reboot until after the ping had finished. (I did a ping -t). In
addition, it seems to work with most programs that trap keyboard input. I
tested it with traceroute (again, it worked only after the program exited),
ping, dir /s /a, and all had the same result; as soon as the program exited,
it would be run again, and then reboot.
In general, the output looks like this:
C:\> tracert yahoo.com
<program output>
<program output>
<program output>
<program output>
C:\>
C:\>
C:\>
C:\>
C:\>
C:\>
C:\> tracert yahoo.com
(reset occurs)
It appears to be the result of windows trapping the input and feeding it to
the command interpreter (cmd.exe) all at once. F7 displays a list of the
most recent commands, so it appears that windows is trying to run several
copies of an identical command simultaneously and that's making it very
unhappy. Surprising that we don't at least get a BSOD.
Cheers,
Kevin Thayer
Network Operations Engineer
PayPal Network Operations
> -----Original Message-----
>
> Hello, this is a new bug found in W2K in all flavors, works
> with all levels
> of users.
>
> Here is the proof of concept:
>
> Open a Cmd Window
> Ping to any host (for example ping 10.100.2.1 preferred a
> host in your LAN),
> no switch needed. Just ping
> Now press F7 and Enter (try a couple of times quickly...less
> than ten , and
> you can see what a meaning)
> The machine reboots, from nothing a warm reboot.
> Please let me know if you have the same bug. I tried this in
> W2k sp2 English
> and Spanish.
>
