Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Timbuktu Pro 2.0b650 DoS
From: dalew () CLEMSON EDU (Dale Whitchurch)
Date: Mon, 14 Feb 2000 20:59:58 -0500


This problem also exists on 5.2.1 on the Macintosh platform.



On Fri, 11 Feb 2000, Laurent LEVIER wrote:


I found a Timbukto Pro (Remote Control NT Tool) vulnerability.

Concerned product : Timbuktu Pro 2.0b650 on Windows NT 4.0 until sp5

"Exploit" is :

- Connect and disconnect on port TCP/407 to make port TCP/1417 listening
- Connect on port TCP/1417 with a simple telnet.
- Disconnect from TCP/1417 (no data exchange).

Authentication protocol waits indefinitely.

This brings Timbukto Remote Control Denial-of-Service on control. Physical
contact is then needed to restart it.

Solution to get back operational:
      - Kill timbuktu process (using pslist/pskill for example)
      - Stop Timbuktu services
      - Start them again.

      Not yet

Netopia is now aware of this.

Best regards

Laurent LEVIER
IT Systems & Networks, Unix System Engineer
Security Specialist

Argosnet Security Server : http://www.Argosnet.com
"Le Veilleur Technologique", "The Technology Watcher"

Dale Whitchurch
Server Administrator
Clemson SC 29634
dalew () clemson edu
Catapultam habeo. Nisi pecuniam omnem mihi dabis,
ad caput tuum saxum immane mittam.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]