mailing list archives
Denicomp REXECD/RSHD Denial of Service Vulnerability
From: SNS Research <vuln-dev () GREYHACK COM>
Date: Thu, 3 May 2001 21:27:42 +0200
Strumpf Noir Society Advisories
! Public release !
-= Denicomp REXECD/RSHD Denial of Service Vulnerability =-
Release date: Thursday, May 3, 2001
Denicomp's REXECD and RSHD products are ports of their counterparts
on Unix-based systems, allowing the use of the rcp, rsh and rexec
commands on machines running MS Windows.
These products can be obtained through the vendors website at:
There exists a problem in the port-handling code of mentioned
products which exposes the services provided by these to a DoS attack.
When a string of +/- 4300 bytes is sent to the listening port of
the REXEC and/or RSH daemons (defaulting to the standard 512 and
514 ports), the service in question will die.
A restart will be needed to regain full functionality.
Vendor has been notified and has verified this problem. New versions
of these products will be released from the vendor's website shortly.
Denicomp Winsock RSHD/NT v2.18.00 (Intel)
Denicomp Winsock RSHD/NT v2.17.07 (DEC Alpha)
Denicomp Winsock REXECD/NT v1.05.00 (Intel)
Denicomp Winsock REXECD/NT v1.04.08 (DEC Alpha)
Denicomp Winsock RSHD/95 v2.18.03
Denicomp Winsock REXECD/95 v1.00.02
Earlier versions are expected to be vulnerable as well, users are
encouraged to upgrade.
Free sk8! (http://www.freesk8.org)
SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)
compliant, all information is provided on AS IS basis.
EOF, but Strumpf Noir Society will return!
- Denicomp REXECD/RSHD Denial of Service Vulnerability SNS Research (May 11)