Vulnerability Development: Re: Win2K Local DoS?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: Win2K Local DoS?

From: Alexander Sanda <as () PSA AT>
Date: Thu, 3 Aug 2000 18:14:13 +0200

At 05:29 03.08.2000 -0700, Kevin Stephenson wrote:

I ran services.exe from the run box, and it took my load up to 100%.
Checking the task list, there were 2 services.exe and Win2K would not allow
me to kill either process. The one I spawned was running at 99% of load. I
then started up another 10 services.exe processes. Eventually, the load
spread to about 33% over 3 of the processes. I don't see a way to kill
these processes without a reboot. Have a nice day.


This is only because task manager doesn't let you terminate "critical
system processes" (services.exe beeing one of them). With some other
utility (e.g. the process viewer coming with the resource kit or Visual
C++) you can safely kill this process.

And there is absolutely no reason for services.exe beeing executable by
normal users (although, the standard permissions set by the Win2k
installation disagree here ;) ).

By Date By Thread

Current thread:

Win2K Local DoS? Kevin Stephenson (Aug 03)
- Re: Win2K Local DoS? Dimitry Andric (Aug 03)
- Re: Win2K Local DoS? Alexander Sanda (Aug 03)
- Re: Win2K Local DoS? LordRaYden (Aug 05)
- <Possible follow-ups>
- Re: Win2K Local DoS? Oliver Friedrichs (Aug 03)
- Re: Win2K Local DoS? Maxime Rousseau (Aug 05)
  - Re: Win2K Local DoS? Dimitry Andric (Aug 05)
    - Re: Win2K Local DoS? Kevin Stephenson (Aug 06)