| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 9 Mar 2005 00:48:00 -0000 From: <caldcv@...dents.fccj.org> To: bugtraq@...urityfocus.com Subject: Re: Windows Server 2003 and XP SP2 LAND attack vulnerability In-Reply-To: <20050307215532.GA24251@...os.microshaft.org> >All: > >I would like to hear from someone who can reproduce this. If you can, please send >details with OS, patches installed, pcaps, etc. not a report of what tools you used >to create the packet, sniff and replay the results. I've tested this and either my >machines are magically protected from this attack, or it is invalid (despite what >the press might say). I'd like some outside corroboration of this attack. OK, I run Microsoft Windows [Version 5.2.3790] aka Windows Server 2003. All service packs have been installed. I went to Windows Update, and nothing installed. Windows Firewall is off. My linux box is a sarge installation of Debian, which is up to date. Interesting ports on 192.168.0.100: (The 1600 ports scanned but not shown below are in state: closed) Port State Service 135/tcp open loc-srv 139/tcp open netbios-ssn The code I used is from here: http://www.k-otik.com/exploits/20050307.windos.c.php eight@...set-bitch:~/code$ sudo ./land-new 192.168.0.100 139 Packet sent. Remote machine should be down. The original land.c code didn't want to compile on my linux box.. so I saw this on a slashdot post, tested it, and it locks the machine up to 100% CPU for about 8-10 secs, then goes back to normal. I hope this helps. --CC
Powered by blists - more mailing lists