Open Source and information security mailing list archives
 
Message-ID: <009306EBDB2AD711AFAB00D0B78EC3A7323F11@u-sais-ntx01.nsa.souda.navy.mil>
Date: Fri, 25 Jul 2003 12:48:05 +0300
From: "Angelidis, Fotis(NSASOUDABAY)" <AngelidisF@....souda.navy.mil>
To: "'bugtraq@...urityfocus.com'" <bugtraq@...urityfocus.com>
Subject: RE: Windows NT 4.0 with IBM JVM Denial of Service



>Microsoft has issued a bulletin and a patch.  More information
>is available at:

>http://www.microsoft.com/technet/security/bulletin/MS03-029.asp


>Recommendation:

>Java developers should identify all occurrences and perform data
>validation where java.io.getCanonicalPath is used.

>NT 4.0 Administrators running servers which use Java servlets
>should consider installing the Microsoft supplied patch.

After installing the patch on an NT 4 SP 6a server, we experienced problems
with the RAS manager. Specifically, while the machine was rebooting after
the update, the familiar "One or more services ..." window popped up.
Seconds before we pulled up the Event Viewer to examine what went wrong during
the startup, Dr. Watson appeared stating that an exception had happened while
loading loadqm.exe. The Event Viewer, on the other hand, showed us three
main error messages:
Event ID 7001 - Remote Access Autodial Manager,
Event ID 7023 - Remote Access Connection Manager and 
Event ID 20067 - Point to Point Protocol failed to initialize. 

Uninstalling the patch didn't help, nor did uninstalling/installing the RAS
service. The only solution which seemed appropriate at the moment was to
re-install the operating system, which we did.

After installing and setting up the server, we visited windowsupdate.com.
Since previously the specific patch was installed following the above link,
we decided to let Windows Update find the available patches for our case
this time. The patch was included in the recommended updates, so we
downloaded all the updates, installed and rebooted the machine.
Unfortunately, the same errors appeared again. The difference this time was
that after uninstalling the specific patch everything was back to normal,
fortunately :)

Has anybody else experienced any kind of strange behaviour after installing
this patch?

