Blue screen in Windows

From: David F. Madrid (idoru_at_VIDEOSOFT.NET.UY)
Date: 05/20/03

  • Next message: http-equiv_at_excite.com: "Restricted Zone: the OUTLOOK EXPRESS"
    Date:         Tue, 20 May 2003 22:04:54 +0200
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Issue :

    Blue screen in Windows

    Tested versions :

    W2000 Server Sp3 with IE 6.0 Sp1
    XP Pro with IE 6.0

    Vendor status :

    MS is investigating the issue but as they spent months to just acknowledge
    it I decided to publish it

    Description :

    With Internet Explorer you can make calls using netmeeting ,
    navigating to callto Urls . On the systems tested if you try to
    navigate to a specially crafted callto url Windows halt with a
    Kmode exception not handled . I can´t reproduce this always,
    particulary not after rebooting from the system halt , but the issue
    was confirmed in two different computers .

    I am afraid I can´t give any debugging info cause no causing module is
    shown in the BSOD .

    Exploit :

    In the spanish version of this advisory you can find a demonstration

    http://nautopia.org/vulnerabilidades/callto_bluescreen.htm

    Just click the link "Pulsa aquí para parar Windows"

    Regards ,

    David F. Madrid ,
    Madrid , Spain

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
    EXECUTIVE SEMINAR: "Information Security and the Disappearing Perimeter"

    Join Peter S. Tippett, PhD, M.D., the industry's foremost authority on
    network security, and TruSecure for a free breakfast seminar on "The Impact
    of the Disappearing Perimeter." Learn how you can proactively protect your
    organization against today's newest threats, including those from remote
    users, business partners and wireless. To register, and to view the full
    list of dates and cities, click below or call 1-888-396-8348.

    http://www.trusecure.com/offer/s0096/

    oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo


  • Next message: http-equiv_at_excite.com: "Restricted Zone: the OUTLOOK EXPRESS"

    Relevant Pages

    • Re: How to find process behing TCP connection ?
      ... FoundStone but it doesnt work well on Windows 2003. ... initiates connection to service on port 139 too many workstations. ... The NSA has designated Norwich University a center of Academic ... in Information Security. ...
      (Security-Basics)
    • RE: Hacked (...still cleaning)
      ... if this is windows 2000 or windows xp, turn off windows file protection, and then once the file is deleted, it should STAY deleted ... files, he used that for installing it as a service probably, open it ... Earn your MS in Information Security ONLINE Organizations worldwide are in need of highly qualified information security professionals. ...
      (Security-Basics)
    • Mac X-Server Security Questions...
      ... and am fairly conversant in security matters from a Windows POV ... As for what happened, the account database was definitely compromised, ... OS-X and its accompanying layered packages. ... Earn your MS in Information Security ONLINE ...
      (Security-Basics)
    • RE: fport on windows 2003 server
      ... fport on windows 2003 server ... Earn your MS in Information Security ONLINE ... degree without disrupting your home or work life. ...
      (Security-Basics)
    • Re: VPN between WinXP and OpenBSD (sometimes works and sometimes doesnt)
      ... > using Windows XP and some are using Windows server 2003. ... > Earn your MS in Information Security ONLINE ... > degree without disrupting your home or work life. ...
      (Security-Basics)