RE: bug w2k

From: Corwin, George (George_Corwin@daytimer.com)
Date: 07/30/01


Message-ID: <10F29AA22250D3119A7900508B0CD110059F38@dt-et02.daytimer.com>
From: "Corwin, George" <George_Corwin@daytimer.com>
To: "'Mark Saum'" <msaum@fidelisconsulting.com>, VULN-DEV@securityfocus.com
Subject: RE: bug w2k
Date: Mon, 30 Jul 2001 12:55:07 -0500

I followed the same procedure with TS in Admin mode and I was able to
terminate my session by closing TS Client. I then logged in again and was
able to Kill the CMD.EXE session that was still running from my prior
TSClient session. It didn't require me to reboot.

-----Original Message-----
From: Mark Saum [mailto:msaum@fidelisconsulting.com]
Sent: Saturday, July 28, 2001 5:38 PM
To: VULN-DEV@securityfocus.com
Subject: RE: bug w2k

I've verified this to work on Win2K Pro SP2. It took 3 F7s and my system
hard-booted as if I had hit the reset button.

On a Win2K Server SP2 on a terminal session (administrator mode) it doesn't
crash the box. However:
 - You can create a "cmd.exe" session that is unkillable
 - You can't log off that session
 - You can't kill that session or "cmd.exe" process from the console
(taskmgr.exe)
 - You can't log the user off from Terminal Services Manager
 - You can't create another instance of "cmd.exe" in that terminal session
 - A reboot is required to kill the session.

Regards,

Mark Saum

Fidelis Consulting Corporation
Dallas, TX

-----Original Message-----
From: SIFFREDI DANIEL [mailto:DSIFFREDI@nacion-afjp.com.ar]
Sent: Friday, July 27, 2001 2:45 PM
To: 'bugtraq@securityfocus.com'
Subject: bug w2k

Hello, this is a new bug found in W2K in all flavors, works with all levels
of users.
 
Here is the proof of concept:
 
Open a Cmd Window
Ping to any host (for example ping 10.100.2.1 preferred a host in your LAN),
no switch needed. Just ping
Now press F7 and Enter (try a couple of times quickly...less than ten , and
you can see what a meaning)
The machine reboots, from nothing a warm reboot.
Please let me know if you have the same bug. I tried this in W2k sp2 English
and Spanish.

Daniel Siffredi
Administrador de Red de Microinformatica.
Nacion AFJP SA

"WorldSecure" made the following
 annotations on 07/30/01 12:49:23
------------------------------------------------------------------------------

[INFO] -- Virus Manager:
This message was scanned with Network Associates Viper,
and no viruses were detected.

==============================================================================



Relevant Pages

  • Re: who sees to many users
    ... I actually have no xterms or ssh/telnet sessions open. ... I click "new session" and immediatly log it out again, ... It sounds like a bug somewhere to me, but I have no idea at ...
    (Fedora)
  • Re: setssionetc and sessionexit ignored under gnome?
    ... I suppose you could copy the first phase gnome startup file ... but you would have to remember to undo that if&when Sun fixes that "bug", ... run when running a non-CDE session (not just GNOME, ... folks migrating from Windows!). ...
    (comp.unix.solaris)
  • Re: Framework bug with Auth and Session state?
    ... I don't know if it is a bug or not, but I experience the same problems. ... I was storing a password in a session variable so ... authenticating using Forms Auth and using a trusted db connection was ... of Forms Auth and password in the connection string (stored in a session ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: [kde-linux] End Session problem
    ... but the 'End Session' worked perfectly. ... James take a look at Bug #33095 at http://qa.mandriva.com/ ... with Fedora 8 and an NVIDIA proprietaries, ... This message is from the kde-linux mailing list. ...
    (KDE)
  • RE: bug w2k
    ... Subject: bug w2k ... - You can create a "cmd.exe" session that is unkillable ... Ping to any host, ... The machine reboots, ...
    (Vuln-Dev)