Hello,
I experienced the same problem with several servers running NetWare 5.0
sp4 and BorderManager 3.0 (Enterprise Edition). I discovered this bug
a few months ago when doing a NMAP scan. When opening a telnet session
to TCP port 2000 and hitting enter, the NetWare server gives the same
Short Term MAlloc error you describe, with the difference that it starts
with a few million attempts to get more memory.
--
Ron van Daal | Syntonic Internet | tel. +31(0)46-4230738
[EMAIL PROTECTED] | www.syntonic.net | fax. +31(0)46-4230739
On Wed, 9 Feb 2000, Chicken Man wrote:
> 1-27-2000 9:34:47 am: SERVER-5.0-830 [nmID=2000A]
> Short Term Memory Allocator is out of Memory.
> 1 attempts to get more memory failed.
>
> The telnet session will not disconnect, unless you manually close the
> connection. Over the course of two days (every few minutes or so, YMMV) the
> error will repeat, with the number of attempts steadily increasing (by
> several million each time). Eventually (again, for us it was two days, YMMV)
> the firewall will deny all requests, and eventually crash completely.
Our NetWare servers didn't crash, because I took the servers down
after noticing the MAlloc error.
> <RANT>
> Why is the port even accessable from the outside (or the inside for that
> matter)? The default BorderManager packet filtering rules indictate that
> pretty much everything is being passed. Why is the NLM loaded by default?
> Tcpcon shows various other services running that shouldn't be either
> (c27-2000 9:34:47 am: SERVER-5.0-830 [nmID=2000A]
> Short Term Memory Allocator is out of Memory.
> 1 attempts to get more memory failed.
I can't find any vulnerabilities in the other services (chargen,
echo, discard, etc). Try FILTCFG.NLM to disable these services.
-Ron
