Re: [Full-Disclosure] Does the Windows AUX bug affect Web servers also?

From: jelmer (kuper237_at_planet.nl)
Date: 07/10/03

  • Next message: ZenTaosun: "[Full-Disclosure] Gconnect v1.0"
    To: Peter Kruse <kruse@krusesecurity.dk>, "'Richard M. Smith'" <rms@computerbytesman.com>, full-disclosure@lists.netsys.com
    Date: Thu, 10 Jul 2003 13:21:10 +0200
    
    

    >We had to remove the reference with a Windows 2000 bootdisk.

    actually you don't have to do this you can "trick" windows by using a UNC
    path

    you can delete the file by typing

    del \\.\C:\COM1

    or create a file with an invalid filename like this :

    echo bla > \\.\C:\COM1

    -- jelmer

    ----- Original Message -----
    From: "Peter Kruse" <kruse@krusesecurity.dk>
    To: "'Richard M. Smith'" <rms@computerbytesman.com>;
    <full-disclosure@lists.netsys.com>
    Sent: Wednesday, July 09, 2003 8:42 PM
    Subject: SV: [Full-Disclosure] Does the Windows AUX bug affect Web servers
    also?

    > Hi Richard,
    >
    > AFAIK it can´t be done with a http://www.someserver./aux but there´re
    > several other ways to exploit this DoS.
    >
    > It can be done over network shares and anywhere we include HTML and
    > scripts (webpages, e-mails, internal documents and so on). I have
    > succesfully crashed a server placering a "COMn" reference in a special
    > folder. We had to remove the reference with a Windows 2000 bootdisk.
    >
    > Other browsers are affected as well and at least two (of my knowledge)
    > are hit a lot harder than IE. They both cause the system to crash.
    >
    > Med venlig hilsen // Kind regards
    >
    > Peter Kruse
    > Kruse Security
    > http://www.krusesecurity.dk
    >
    > -----Oprindelig meddelelse-----
    > Fra: full-disclosure-admin@lists.netsys.com
    > [mailto:full-disclosure-admin@lists.netsys.com] På vegne af Richard M.
    > Smith
    > Sendt: 9. juli 2003 18:50
    > Til: full-disclosure@lists.netsys.com
    > Emne: [Full-Disclosure] Does the Windows AUX bug affect Web servers
    > also?
    >
    >
    > Is it possible to also crash a Web server hosted on a Windows box using
    > a URL something like:
    >
    > http://www.somebody.com/aux
    >
    > If this particular URL is okay, maybe there are other URLs that will
    > cause a crash. For example, POSTing a form to a URL containing AUX.
    >
    > This problem could be in any Windows Web server such as IIS, Apache,
    > ColdFusion, etc..
    >
    > (I don't have access to a Windows Web server to try this out myself.)
    >
    > Richard
    >
    > -----Original Message-----
    > From: full-disclosure-admin@lists.netsys.com
    > [mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of
    > xc3ed@phreaker.net
    > Sent: Wednesday, July 09, 2003 7:39 AM
    > To: full-disclosure@lists.netsys.com
    > Cc: KF
    > Subject: Re: [Full-Disclosure] Internet Explorer 6 DoS Bug
    >
    >
    > duplicated in Windows 2003 Server, datacenter edition, IE v6.0.3790.0
    >
    > regards, xsr
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: ZenTaosun: "[Full-Disclosure] Gconnect v1.0"

    Relevant Pages

    • Problem when using COM from a webservice
      ... reference I have add to my project. ... UNIX/LINUX and Windows driven production lines. ... The error message from the web server is HTTP 500 internal server ...
      (microsoft.public.dotnet.framework.interop)
    • Re: Loading windows xp...
      ... To see what NT services are rolled up into each instance of svchost, you need to use Process Explorer from SysInternals. ... You only need to have this NT service enabled and running if you use the firewall included in Windows or you run ICS. ... You might be able to use msconfig.exe or AutoRuns to find a startup entry for this. ... I have to wonder why you cannot decipher your own startup and running processes if you have the wherewithall to manage a web server and its pages. ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: SERVER ERROR
      ... Windows XP Home, then no MS Web server is supported. ... remove FP98 and the PWS and then install IIS via Add/Remove Window Components, ... I can open and edit from my website ...
      (microsoft.public.frontpage.client)
    • ~~~~~~~~~~~~~ WEB SERVER ~~~~~~~~~~~~~
      ... web hosting mac os x server ... web hosting packages server software open ... web hosting sql server windows ... web hosting web server ...
      (sci.psychology.theory)
    • Re: Alternative process termination notification in a GUI
      ... I guess we all know that Windows is an asynchronous universe but most ... guts of an Apache web server or the like simply does not. ... The topic for this thread is another solution that fits another size ...
      (alt.lang.asm)