
Bugs for Windows NT


Vulnerability of Windows NT leading to Denial of Service attacks.


Description:

Port 135 on NT machines is used by the portmapper for
remote administration (user management, DNS, registry and others).
Any string greater than 10 characters fed to this port will
result in a very high load on the server.

The resulting high load of the rpcss process may make other services
on the machine unavailable, giving this bug the potential of a
denial of service attack.

Vulnerable:

Windows NT versions 4.0 and 3.51 are reported to be vulnerable.

Impact:

Anyone with 'telnet' access to port 135 on the machine can
cause the effect.

Solution:

Block port 135 until a patch is available.

If you have been attacked, use the console utility kill.exe from the
resource kit to kill the rpcss.exe process (the GUI won't work!).
(If you restart the portmapper, all servers that are already
connected to the portmapper must be restarted.)

Comments:

As far as I know this bug was first reported by Jason T. Luttgens
([email protected]) and has been reported to CERT and Microsoft.



Looks like NT is also vulnerable to exactly the same attack as
previously posted WRT connecting and throwing garbage at port 135 on
another port, namely 1031 (inetinfo). The inetinfo.exe process goes
insane on NT4.0. Haven't tested on 3.51. To try, telnet to 1031 on an
NT machine and type garbage, then disconnect.
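
One way to check that the block on port 135 recommended above (and on port 1031 from the follow-up) is actually in effect, as an added example that is not part of the original text: it scans packet-filter log lines for allowed connections to those ports from outside the administration network. The log format, the 10.0.5.0/24 admin range and all sample lines are constructed assumptions.

```python
import ipaddress
from collections import Counter

# Ports named in the advisory: 135 (portmapper, rpcss) and 1031 (inetinfo).
WATCHED_PORTS = {135, 1031}

# Assumption: hosts that legitimately perform remote administration.
ADMIN_NETS = [ipaddress.ip_network("10.0.5.0/24")]

# Constructed sample log; assumed format: "time action proto src:port dst:port"
SAMPLE_LOG = """\
09:14:02 ALLOW TCP 10.0.5.17:1044 10.0.1.20:135
09:14:09 ALLOW TCP 192.0.2.77:2301 10.0.1.20:135
09:14:10 ALLOW TCP 192.0.2.77:2302 10.0.1.20:135
09:15:31 DENY TCP 198.51.100.4:4410 10.0.1.21:135
09:16:00 ALLOW TCP 192.0.2.77:2310 10.0.1.20:1031
09:16:45 ALLOW TCP 203.0.113.9:3377 10.0.1.20:80
garbled line that should be skipped
"""

def split_endpoint(text):
    """Split 'a.b.c.d:port' into (ip_address, int); raises ValueError if malformed."""
    host, _, port = text.rpartition(":")
    return ipaddress.ip_address(host), int(port)

def exposed_connections(log_text, admin_nets=ADMIN_NETS):
    """Count ALLOWed TCP connections to watched ports from non-admin sources.

    Returns a Counter keyed by (source, destination, destination port)."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # not a record in the assumed format
        _, action, proto, src, dst = fields
        if action != "ALLOW" or proto != "TCP":
            continue  # denied traffic means the filter did its job
        try:
            src_ip, _ = split_endpoint(src)
            dst_ip, dst_port = split_endpoint(dst)
        except ValueError:
            continue
        if dst_port in WATCHED_PORTS and not any(src_ip in n for n in admin_nets):
            hits[(str(src_ip), str(dst_ip), dst_port)] += 1
    return hits

if __name__ == "__main__":
    for (src, dst, port), n in sorted(exposed_connections(SAMPLE_LOG).items()):
        print(f"{src} -> {dst}:{port} allowed {n} time(s); filter is not blocking it")
```

Any entry in the result means the filter is still passing traffic to a watched port from a non-admin source, so the rule set needs tightening for that destination.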
 