Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS

2001-03-16 Thread Peter Gründl

The CON/CON didn't affect NT (not natively anyway). Windows NT and 2000 run
on different kernels than Win9x (if you can call those kernels?), and
dos-devices (AFAIK) are implemented virtually on NT/2000. A fully patched
Windows NT/2000 is still vulnerable to this attack if the host runs Mdaemon
3.5.6. Besides, it's not a request for a dos-device inside a dos-device
(which is what triggered the old Win9x DoS).

Peter Gründl
Defcom Security

----- Original Message -----
From: "Nelson Brito" [EMAIL PROTECTED]
To: "Peter Gründl" [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Thursday, March 15, 2001 6:39 PM
Subject: Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS


[snip]

 I don't know, but it's a CON/CON old bug, isn't it?

 If you patched your NT Box, the app is not vulnerable to this BUG, isn't
it?

[snip]



Re: def-2001-11: MDaemon 3.5.4 Dos-Device DoS

2001-03-16 Thread Nelson Brito

Peter Gründl wrote:

 ==
   Defcom Labs Advisory def-2001-11

   MDaemon 3.5.4 Dos-Device DoS

 Author: Peter Gründl [EMAIL PROTECTED]
 Release Date: 2001-03-15
 ==
 =[Brief Description]=-
 Webservices in the Mdaemon package can be crashed by requesting a
 malicious URL.

 =[Affected Systems]=--
 - MDaemon 3.5.4 Standard for Windows NT/2000
 - MDaemon 3.5.4 Pro for Windows NT/2000

 --=[Detailed Description]=
 There is a problem with the way the Worldclient (default port 3000)
 and the Webconfig service (default port 3001) handle requests for dos-
 devices.

 If a user requests eg. "http://www.foo.org:3000/aux", the Worldclient
 service will crash. The same fault affects the Webconfig service.
 The service needs to be restarted from the Mdaemon console.

I don't know, but it's a CON/CON old bug, isn't it?

If you patched your NT Box, the app is not vulnerable to this BUG, isn't it?

That is all,
--
Nelson Brito
Security Analyst / Penetration Tester
Security Networks / IBQN
Avenida General Justo, 365 - 4 Andar - Centro
20.021-130 - Rio de Janeiro - RJ - Brasil
+55.021.282-1351 R. 104
[EMAIL PROTECTED]

"Windows NT can also be protected from nmap OS detection scans thanks
to *Nelson Brito* ..."
Excerpt from the book "Hack Proofing your Network", page 93
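A defensive check for the request class the advisory describes, added here as an example and not taken from the thread or from MDaemon: it flags URL path segments that resolve to a DOS device name, covering both the single-segment form in the advisory and the nested form discussed in the replies. The reserved-name list is general Windows platform knowledge, and the function names and sample request lines are constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# DOS device names reserved by Windows (platform knowledge, not listed in the thread).
RESERVED = {"CON", "PRN", "AUX", "NUL"} | {
    f"{prefix}{n}" for prefix in ("COM", "LPT") for n in range(1, 10)
}

def device_segments(target: str) -> list[str]:
    """Return the path segments of a URL or request target that name a DOS device."""
    # Decode once, as a server would before touching the filesystem (assumption).
    path = unquote(urlsplit(target).path)
    hits = []
    for seg in re.split(r"[/\\]", path):
        # An extension or a trailing dot/space does not change the device
        # lookup ("aux.txt" and "aux." resolve to AUX); a colon suffix is
        # treated the same way, conservatively.
        stem = re.split(r"[.:]", seg, maxsplit=1)[0].rstrip(" ").upper()
        if stem in RESERVED:
            hits.append(seg)
    return hits

def flag_requests(log_lines):
    """Yield (line, hits) for request lines whose path contains a device name."""
    for line in log_lines:
        parts = line.split()
        if len(parts) >= 2:
            hits = device_segments(parts[1])
            if hits:
                yield line, hits

# Constructed request lines for illustration; only "/aux" comes from the advisory.
SAMPLE = [
    "GET /aux HTTP/1.0",
    "GET /%41UX.html HTTP/1.0",
    "GET /con/con HTTP/1.0",
    "GET /auxiliary/console.css HTTP/1.0",
    "GET /index.html?folder=aux HTTP/1.0",
]

if __name__ == "__main__":
    for line, hits in flag_requests(SAMPLE):
        print(f"{line!r} -> {hits}")
```

The check looks only at the path, so a device name in a query string is not flagged; a front-end proxy or request filter can reject any target for which `device_segments` returns a non-empty list.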