[8313] in bugtraq
Re: Service Pack 4 - Issues
daemon@ATHENA.MIT.EDU (Aleph One)
Tue Oct 27 14:48:21 1998
Date: Tue, 27 Oct 1998 11:02:06 -0600
Reply-To: Aleph One <aleph1@DFW.NET>
From: Aleph One <aleph1@DFW.NET>
To: BUGTRAQ@NETSPACE.ORG
---------- Forwarded message ----------
Date: Sat, 24 Oct 1998 23:53:34 -0600
From: Steve Manzuik <steve.manzuik@TELUS.COM>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Re: [NTSEC] Service Pack 4 - Issues
Well, on my tests, with a Compaq laptop (my personal machine).
I installed SP3 plus the hotfixes especially the LSASS one. I ran the LSASS
DoS attack and it did not work on the machine. I then installed SP4 (40bit)
on the exact same machine and copy of NT, ran the same LSASS DoS attack and
it worked. I have not tried the 128bit SP4 but I assume the results would
be the same.
On Monday, I will be back in my office and be able to go to the lab and try
this on more machines but, I suspect that my findings will be the same.
I emailed Microsoft two days ago but have not gotten a response as of yet.
-----Original Message-----
From: Micheal Espinola Jr [mailto:micheale@ix.netcom.com]
Sent: Saturday, October 24, 1998 9:59 PM
To: 'Steve Manzuik'
Subject: RE: [NTSEC] Service Pack 4 - Issues
If what you say is true, then they have neglected to
incorporate the
Lsa2-fix Hot Fix into Service Pack 4, or did so incorrectly.
I hope that this is an isolated incidence. Have you heard
otherwise?
+-------------------------------+-----------------------------------+
| Micheal Espinola Jr | Hardening NT 4 Security
Checklist |
| NT Administrator |
http://www.netcom.com/~honeyluv/ |
| mailto:micheale@ix.netcom.com |
|
+-------------------------------+-----------------------------------+
"Views expressed by this individual may differ from your
own...
...Reader discretion is
advised."
| -----Original Message-----
| From: owner-ntsecurity@iss.net
[mailto:owner-ntsecurity@iss.net]On
| Behalf Of Steve Manzuik
| Sent: Friday, October 23, 1998 3:21 PM
| Cc: recipient list not shown: ;
| Subject: [NTSEC] Service Pack 4 - Issues
|
|
|
| TO UNSUBSCRIBE: email "unsubscribe ntsecurity" to
majordomo@iss.net
| Contact ntsecurity-owner@iss.net for help with any
problems!
|
--------------------------------------------------------------
| -------------
|
| Hopefully someone can correct me if I am wrong here but,
is
| it not safe to
| assume that all of the previous "issues" that required a
MS
| Hotfix would be
| fixed with SP4?
|
| The reason I ask is because, just for the hell of it, I
| installed SP4 40bit
| then attempted a number of DoS attacks on my box. The
only
| one that worked
| was the LSASS.EXE DoS attack.
|
| Can anyone else duplicate or confirm this?
|
