Cheers,
I found a Timbukto Pro (Remote Control NT Tool) vulnerability.
Concerned product : Timbuktu Pro 2.0b650 on Windows NT 4.0 until sp5
"Exploit" is :
- Connect and disconnect on port TCP/407 to make port TCP/1417 listening
- Connect on port TCP/1417 with a simple telnet.
- Disconnect from TCP/1417 (no data exchange).
Authentication protocol waits indefinitely.
This brings Timbukto Remote Control Denial-of-Service on control. Physical
contact is then needed to restart it.
Solution to get back operational:
- Kill timbuktu process (using pslist/pskill for example)
- Stop Timbuktu services
- Start them again.
Patches:
Not yet
Netopia is now aware of this.
Best regards
Laurent LEVIER
IT Systems & Networks, Unix System Engineer
Security Specialist
Argosnet Security Server : http://www.Argosnet.com
"Le Veilleur Technologique", "The Technology Watcher"
