lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 04 Feb 2004 07:30:40 +1300
From: Steve Wray <steve.wray@...adise.net.nz>
To: "'Daniel Kabs [ML]'" <dkabs@...otix.com>, bugtraq@...urityfocus.com,
   full-disclosure@...ts.netsys.com
Subject: RE: smbmount disrupts Windows file sharing.


Has anyone tried to replicate this from Windows?
(ie create a windows batch file which does the
same thing)? Or is the windows batch file language
too restricted to allow this sort of script?

Forgive my windows ignorance...

> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com 
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of 
> Daniel Kabs [ML]
> Sent: Tuesday, 3 February 2004 4:41
> To: bugtraq@...urityfocus.com; full-disclosure@...ts.netsys.com
> Subject: [Full-Disclosure] smbmount disrupts Windows file sharing.
> 
> 
> Announced: 2004-02-02
> Type: Denial of Service Attack on Windows
> Impact: smbmount can stop Windows from sharing files
> Writer: Daniel Kabs, Germany (daniel.kabs@....de)
> Credits: Thanks to Steve Ladjabi (steve.ladjabi@....de)
> 
> Contents:
> 1. Abstract
> 2. Affected Systems
> 3. Attack Setup
> 4. Symptoms 
> 5. Workaround
> 
> 
> 1. Abstract
> 
> A security vulnerability of "Windows XP" and "Windows 2003
> Server" has been found. Theses systems are open to a denial
> of service attack. If they share folders to a Unix client
> that is using smbmount (part of the Samba suite), any user
> on the client who has permissions to create directories on
> the mounted share can stop the Windows system from serving
> files. The attack induces a memory shortage on the Windows
> system by creating directories in a special way.
[snip]

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists