[4498] in bugtraq
OOB Bug stills persists after hot fix
daemon@ATHENA.MIT.EDU (Matthew Dovey)
Mon May 19 03:08:04 1997
Date: Sat, 17 May 1997 20:55:12 +0100
Reply-To: Matthew Dovey <matthew.dovey@LAS.OX.AC.UK>
From: Matthew Dovey <matthew.dovey@LAS.OX.AC.UK>
To: BUGTRAQ@NETSPACE.ORG
I'm new to this list so please forgive me if this is repetition.
Although the hotfix and SP3 prevent the OOB attack caused by the
Win32/Unix source code describe at
http://pobox.leidenuniv.nl/%7Eewit/winnuke/, the Mac binary also listed
on that page appears to still be capable of downing an NT 4.0
Workstation/Server even after applying the hotfix and/or service pack 3
(we've tried all combinations on two separate sites).
Does anyone know what is peculiar about the Mac implementation of the
OOB attack, and whether Microsoft will have a second fix out soon? (Not
that I now would have much confidence in a second patch for essentially
the same problem)
Matthew J. Dovey
Libraries Automation Service
Oxford University
