Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Timbuktu Pro 2.0b650 DoS
From: dalew () CLEMSON EDU (Dale Whitchurch)
Date: Mon, 14 Feb 2000 20:59:58 -0500


Hello,

This problem also exists on 5.2.1 on the Macintosh platform.

Regards,

DaleW

On Fri, 11 Feb 2000, Laurent LEVIER wrote:

Cheers,

I found a Timbukto Pro (Remote Control NT Tool) vulnerability.

Concerned product : Timbuktu Pro 2.0b650 on Windows NT 4.0 until sp5

"Exploit" is :

- Connect and disconnect on port TCP/407 to make port TCP/1417 listening
- Connect on port TCP/1417 with a simple telnet.
- Disconnect from TCP/1417 (no data exchange).

Authentication protocol waits indefinitely.

This brings Timbukto Remote Control Denial-of-Service on control. Physical
contact is then needed to restart it.

Solution to get back operational:
      - Kill timbuktu process (using pslist/pskill for example)
      - Stop Timbuktu services
      - Start them again.

Patches:
      Not yet

Netopia is now aware of this.

Best regards


Laurent LEVIER
IT Systems & Networks, Unix System Engineer
Security Specialist

Argosnet Security Server : http://www.Argosnet.com
"Le Veilleur Technologique", "The Technology Watcher"


=========================================================
Dale Whitchurch
Server Administrator
Clemson SC 29634
dalew () clemson edu
=========================================================
Catapultam habeo. Nisi pecuniam omnem mihi dabis,
ad caput tuum saxum immane mittam.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]