[4436] in bugtraq
Re: Windows 95/NT DoS
daemon@ATHENA.MIT.EDU (DiGennaro)
Sat May 10 19:04:16 1997
Date: Sat, 10 May 1997 16:55:44 -0400
Reply-To: DiGennaro <frank@BIGDOG.FRED.NET>
From: DiGennaro <frank@BIGDOG.FRED.NET>
X-To: Albert Siersema <appie@CASTEL.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.SOL.3.95.970510152213.10444A-100000@mailhost.castel.nl>
On Sat, 10 May 1997, Albert Siersema wrote:
> > It is possible to remotely cause denial of service to any windows
> > 95/NT user. It is done by sending OOB [Out Of Band] data to an
>
> You're right. This is VERY serious. I've tested it on NT machines with SP2
> and most hotfixes installed.
>
> It's even worse: the NT machine reboots so it should come up again, but
> when it does, all memory (physical and virtual) is consumed.
> (from the previous memory dump ?)
> Only a proper shutdown and restart fixes this.
>
> I think this is a seperate bug, but nevertheless again: OH NO !
>
Not sure why, but it only appears to work if the host is running
netbios (port 139). Attacking another port ie, httpd (port 80) does not
have any effect.
Frank DiGennaro frank@bigdog.fred.net
The more people I meet in life, the more I appreciate
spending time with my pets.
