[4787] in bugtraq
Re: Simple TCP service can hang a system
daemon@ATHENA.MIT.EDU (Joe Konopka)
Wed Jun 25 06:32:13 1997
Date: Tue, 24 Jun 1997 16:16:16 -0500
Reply-To: Joe Konopka <jkonopka@ITOL.COM>
From: Joe Konopka <jkonopka@ITOL.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <m0wfc3I-00009HC@wittsend.com>
At 10:06 PM 6/21/97 -0400, you wrote:
>Willy TARREAU enscribed thusly:
>
>> Hi !
>
>> I've noticed that inetd doesn't check the source port for the request
>> to UDP simple services (echo, time, chargen, daytime).
>
>> This means it is possible to build a packet which will look like it comes
>> from one of these ports, to one of these ports. In this case, each UDP
>> response from the simple service will generate a new request to the source
>> port and the system or network can be quickly overloaded.
[parts deleted]
>> I tested Netware Client 32 for DOS/Windows, and it simply hangs. Not tested
>> yet on Win95/NT/Netware...
FYI, under WinNT 4.0, this causes 99% CPU usage in TCPSVCS.EXE, and can be
fixed by stopping and restarting "Simple TCP/IP services".
