[4449] in bugtraq
Re: Windows 95/NT DoS
daemon@ATHENA.MIT.EDU (Alan Cox)
Sun May 11 16:37:28 1997
Date: Sun, 11 May 1997 16:40:27 +0100
Reply-To: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
From: Alan Cox <alan@LXORGUK.UKUU.ORG.UK>
X-To: frank@BIGDOG.FRED.NET
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.GSO.3.94.970510165339.19095A-100000@bigdog.fred.net> from
"DiGennaro" at May 10, 97 04:55:44 pm
> Not sure why, but it only appears to work if the host is running
> netbios (port 139). Attacking another port ie, httpd (port 80) does not
> have any effect.
Guessing how the kernel implementation works under NT I'd suspect the kernel
services are providing call back functions and netbios forgot to supply
one for out of bounds data.
That also explains why telnet to NT boxes sort of always works (telnet uses
OOB data sometimes)
