Re: Remote DoS attack against SSH Secure Shell for Windows Servers Vulnerability

• Vorherige Nachricht: David LeBlanc: "Re: Remote DoS attack against SSH Secure Shell for Windows Servers Vulnerability"
• Als Antwort auf: David LeBlanc: "Re: Remote DoS attack against SSH Secure Shell for Windows Servers Vulnerability"
• Nachrichten sortiert nach: [ Datum ] [ Thread ] [ Subject ] [ Autor ] [ Attachement ]

> Almost every program using MS's C Runtime library for select() will suffer
> from this problem. This vulnerability is only a problem if it listens on a
> port. For example, nslookup.exe from Microsoft uses a whole bunch of CRT
> calls, including select(), but doesn't listen on any ports.

Just adding a follow-up to David's comments on this post. While true this
'problem' exists in the runtime, as David points out RFTM. However, as Ussr
Labs stated it's the result of using up all 64 connections that's a bigger
problem than it just being limited to 64 connections. At connection 65 the
application dies, this is not due to the runtime library. The release code
should gracefully handle refusing additional connections and not assert on
ssh_adt_num_objects(ssh_eloop_event) < 64.

Cheers,
Bill Sobel
Symantec

----------------------------------------------------------------------------
Delivery co-sponsored by Trend Micro
============================================================================
TREND MICRO REAL-TIME VIRUS ALERTS
If you would like to know about a virus outbreak before CNN and ZDNet get
Trend Micro Virus Info Feed FREE. Simply copy and paste a small piece of
code to give your visitors a real-time top 10 list and the latest virus
advisories. Setup takes just 10 minutes and requires no server-side code on
your Web site. All content is updated automatically from Trend Micro's Web
site.
http://www.antivirus.com/banners/tracking.asp?si=8&bi=237&ul=/syndication/
vinfo/
----------------------------------------------------------------------------

• Vorherige Nachricht: David LeBlanc: "Re: Remote DoS attack against SSH Secure Shell for Windows Servers Vulnerability"
• Als Antwort auf: David LeBlanc: "Re: Remote DoS attack against SSH Secure Shell for Windows Servers Vulnerability"
• Nachrichten sortiert nach: [ Datum ] [ Thread ] [ Subject ] [ Autor ] [ Attachement ]

Relevant Pages Re: Remote DoS attack against SSH Secure Shell for Windows Servers Vulnerability ... socket handles in an FD_SET structure are ... It's a fair bit more code, but very much worth it. ... Delivery co-sponsored by Trend Micro ... TREND MICRO REAL-TIME VIRUS ALERTS ... (NT-Bugtraq) Re: Way OT Computer Security ... directly to the internet for nearly five years. ... All it takes is ONE virus to screw things up. ... And people use thier computers for filing income taxes, ... What about those of us with broadband connections? ... (alt.support.diabetes) Re: NT 4.0 Security Roll-up and the issue of hotfixes ... The list of "25 patches above and beyond the SRP" is not really 25, ... three packages, installing the SRP, following 6 workarounds, and applying 3 ... Delivery co-sponsored by Trend Micro ... TREND MICRO REAL-TIME VIRUS ALERTS ... (NT-Bugtraq) Re: security warning box ... Definitely looks like a virus activity for me. ... Try Trend Micro's Sysclean package, it's capable of eliminating keyloggers, trojans etc. ... Once done, and maximum junk is eliminated by Trend Micro, follow the advice ... the live update was disabled. ... (microsoft.public.windowsxp.help_and_support) Code Red and August 1st ... Delivery co-sponsored by Trend Micro ... TREND MICRO REAL-TIME VIRUS ALERTS ... your Web site. ... (NT-Bugtraq)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint