Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: WINS flooding

WINS flooding

From: Aleph One <aleph1_at_DFW.NET>
Date: Fri, 1 Aug 1997 12:50:34 -0500

---------- Forwarded message ----------
Date: Fri, 1 Aug 1997 12:17:53 -0400
From: Holas, Ondxej <OHolas_at_EXCH.DIGI-TRADE.CZ>
To: NTBUGTRAQ_at_RC.ON.CA
Subject: WINS flooding

When a flood of random (size and contents) UDP packets is sent to port
137/UDP to machine running WINS Server, this service stops after about 5
seconds. I reproduced this on several machines running NTS 4.0 + WINS.
Even if there were SP3 and all (12) recent postfixes, this service
stops. The stop is regular, without Access Violation, manual restart is
possible (probably, when attacked, WINS service reports its state to
SCM). I never tried to reproduce this issue on NT 3.5x.

I discovered there are many unprotected WINS servers in the Internet,
which are vulnerable to such attacks (including one well-known software
vendor).

I reported this bug 06/27/1997, but now, I have neither reply from MS
nor available fix.

If there's somebody who wants to get sample source (in C, of course) of
killing program, I can send it against E-mail.

Ondrej Holas, MCSE
DIGI TRADE, spol. s r.o.
Czech Republic
Received on Aug 01 1997

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]