VPN and Q318138

From: Lucas, Mark J. (mjlucas@dar.caltech.edu)
Date: 06/21/02

• Previous message: security curmudgeon: "Re: ISS Advisory clarification"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Lucas, Mark J." <mjlucas@dar.caltech.edu>
To: "'bugtraq@securityfocus.com'" <bugtraq@securityfocus.com>
Date: Thu, 20 Jun 2002 16:01:01 -0700

I submitted the following to NTBUGTRAQ, but Mr. Cooper doesn't seem to think
it's worth posting. I'd like a second opinion.... Thank you.

After applying Q318138, "Unchecked Buffer in Remote Access Service Phonebook
Could Lead to Code Execution", which was released last week, my Power Users
and Users could no longer connect to any VPN using the "connectoid" in
Network and Dial-up Connections. The icon switched from a cloud to a red X.
Right clicking on the icon would bring up properties but "connect" was
grayed out. Administrators could connect normally. Dial-up connections
were unaffected.

If C:\Documents and Settings\All Users\Application
Data\Microsoft\Network\Connections\Pbk\rasphone.pbk was opened Power
Users/Users could connect normally, as well as being able to connect during
logon by checking the "Log on using dial up networking" check box. While
connected this way, the connectoid in Network and Dial-up Connections showed
the normal cloud icon. However, once disconnected, the icon immediately
switched back to the red X and a new connection could not be initiated
through Network and Dial-up Connections but it could be initiated through
rasphone.pbk.

A new VPN connectoid could be created in the Power User/User account and
would work normally until logoff. When the Power User/User logged back on,
the connectoid would again be unusable.

A case was opened with Microsoft concerning this issue and they are aware of
the problem.

Uninstalling the hotfix on the clients immediately corrects the problem.

----------------
Mark J. Lucas, Sr. System Administrator
Development & Alumni Relations, Information Services
California Institute of Technology
Voice: (626) 395-2177
Fax: (626) 844-9356
mjlucas@dar.caltech.edu

---

• Previous message: security curmudgeon: "Re: ISS Advisory clarification"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages VPN and Q318138 ... Could Lead to Code Execution", which was released last week, my Power Users ... Network and Dial-up Connections. ... The icon switched from a cloud to a red X. ... the connectoid in Network and Dial-up Connections showed ... (NT-Bugtraq) Re: what is the 1394 connection ? ... >> I'm thinking this 1394 being enabled may be what's slowing my modem ... You only need one connectoid to be enabled (unless you are ... >What you are seeing under the Network Connections applet in Control ... Disabling the IEEE-1394 networking connectoid won't disable ... (microsoft.public.windowsxp.newusers) Re: what is the 1394 connection ? ... You only need one connectoid to be enabled (unless you are ... >>>What you are seeing under the Network Connections applet in Control ... >>>was bound to the analog 56K modem). ... Most users of the Firewire port use them for digital ... (microsoft.public.windowsxp.newusers) Re: DUN icon missing ... Go in Control Panel> Network and Dial-up Connections, right click on the connectoid and select "Properties". ... If it's not there install it. ... My create DUN screen is different and I can't create it in W2K, so my W98 connectoid works fine, but the password is wrong and I need to create a new password file in W2K. ... (microsoft.public.win2000.general) Re: Add SP2 then Server Dead. ... I plop in sp2 to my server and it will not talk to the world anymore. ... There is no connectoid in network. ... The Network connections service hung starting. ... There are no endpoints. ... (microsoft.public.windows.server.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)