lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200309040354.37437.bugtraq@nologin.org>
Date: Thu, 4 Sep 2003 03:54:37 +0200
From: nologin <bugtraq@...ogin.org>
To: bugtraq@...urityfocus.com
Subject: DoS - affecting _both_ ZA and W98

[-- Genre  : Denial of Service(DoS)
[-- Name  : augustiner.c
[-- Desc   :  Freezing Windows 98(not SE).
[--           :  DoS'ing Zonealarm

(note: those are seperate incidents. It affects both independantly, not just 
W98 with ZA)

[-- Url       : www.nologin.org



Yo everyone!

_6Mo_hAcK posted a perl script that he said DoS'es Zonealarm. Well my W2K
SP3 + ZA Pro 3.0.081 wasn't affected by his code, but as I coded something 
very similar a while ago, I modifed few lines and ran it against my ZA. 
Indeed sending massive amounts of UDP packets to random destination ports 
severly lags my W2k+ZA, rendering it mostly useless.

Also, the same code affects Win98 (SE apparently not affected?. Tried
that in VMware:)) It completely freezes while packets are being sent at it. As
soon as the flood stops the machine resumes normal operation, without any
obvious remaining negative effects. Note this is NOT related to Zonealarm. 
This is an independant vuln in Win98. That machine didnt have any firewall 
installed. 

While I found that Win98 was affected by flooding it with udp packets, the 
Zonealarm vuln(which is why I originally wrote the code :) was found by 
someone else. 

See attached code for both vulnerabilities.


[-- Greets : Mr. "o" for pointing me at ZA and the vuln!
[--             ace24 for being elite, cool, and a great guy             
[--             thorz for explaining me as much as I could ask years ago  
[--             skape for explaining me as much as I can ask today        
[--             thief for interesting discussions and lots of fun         
[--             ninja405 for providing nologin.org. Thx man!              
[--             ig88 for being the international man of mystery          
[--             westcose for being a great guy                            
[--             Mr. "I bet this was funny in ..." trew for his "humour" :]    
[--             phenoelit.de (especially FtR) for lots of fun             
[--             and a place to crash                                                


warlord
www.nologin.org

View attachment "augustiner.c" of type "text/x-csrc" (6133 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ