re: weird Windows 2000/XP bug

From: awe@centrum.cz
Date: 10/30/01


Date:   Tue, 30 Oct 2001 19:47:34 +0100
From: <awe@centrum.cz>
To: <teo@gecadsoftware.com>, <vuln-dev@securityfocus.com>
Subject: re: weird Windows 2000/XP bug
Message-Id: <20011030184743Z684106-32534+266@mail.centrum.cz>

Hi,
I've traced this and problem is in API function WriteFile, further
in some NT internal call (int 2E), it only occurs when console is
used as the output file. A have two different results, on one
computer this leads to system reset, on the other to BSOD
(0xc000021a STOP). All were W2K, SP2. I'll try tomorrow on NT4.
The registers before int 2E call were:

 EAX = 000000B0 EBX = 00000000 ECX = 0094007C EDX = 0012F914 ESI =
0012F954 EDI = 00000000
 EIP = 77F8224B ESP = 0012F910 EBP = 0012F92C EFL = 00000246
 MM0 = 0000000000000000 MM1 = 0000000000000000 MM2 =
0000000000000000 MM3 = 0000000000000000 MM4 = 0000000000000000
 MM5 = 0000000000000000 MM6 = 0000000000000000 MM7 = 0000000000000000
 CS = 001B DS = 0023 ES = 0023 SS = 0023 FS = 0038 GS = 0000 OV=0
UP=0 EI=1 PL=0 ZR=1 AC=0 PE=1 CY=0
 ST0 = +0.00000000000000000e+0000 ST1 = +0.00000000000000000e+0000
ST2 = +0.00000000000000000e+0000
 ST3 = +0.00000000000000000e+0000 ST4 = +0.00000000000000000e+0000
ST5 = +0.00000000000000000e+0000
 ST6 = +0.00000000000000000e+0000 ST7 = +0.00000000000000000e+0000
 CTRL = 027F STAT = 0000 TAGS = FFFF EIP = 00000000
 CS = 0000 DS = 0000 EDO = 00000000

Martin.
______________________________________________________________
> Od: Teodor Cimpoesu <teo@gecadsoftware.com>
> Komu: vuln-dev@securityfocus.com
> CC:
> Datum: Mon, 29 Oct 2001 17:19:47 +0200
> Předmět: weird Windows 2000/XP bug
>
> Some guys arround here are having fun with a little C program
which causes
> Windows200/XP to reboot:
>
> #include <stdio.h>
>
> int main(void)
> {
> while (1)
> printf("\t\t\b\b\b\b\b\b");
> return 0;
> }
>
> I don't know exactly where it was first seen, and who discovered
it; just
> thought to forward it here maybe others have insights.
>
> comments?
>
> -- teodor
>

-----
Nový vyhledávač pro český internet www.webfast.cz - prostě najde ...



Relevant Pages

  • I think I have been hijacked.
    ... I am running windows xp on my Compaq Presario and Toshiba laptop, ... An internet connection appears to have been added through a USB. ... R - Registry, StartPage/SearchPage changes ... Fixed crashing bug on certain Win2000 and WinXP systems at O23 listing ...
    (microsoft.public.windowsxp.security_admin)
  • RE: [Full-Disclosure] Internet Explorer 6 DoS Bug
    ... Internet Explorer 6 DoS Bug ... >I found a bug in IE6 ón Windows XP with all Service Packs and Patches ...
    (Full-Disclosure)
  • [PATCH] Fix for bug W343-3, part 1: Details of the console API bug
    ... Bug W343-3 really consists of two distinct and unrelated bugs. ... Windows; it appears when certain character sets are configured. ... print_glyph_8(unsigned glyph, int X, int Y) ...
    (rec.games.roguelike.nethack)
  • Re: internet conect
    ... windows 2k and xp ... Post relevant declarations as well. ... BUG: InternetSetOption does not set timeout values ...
    (microsoft.public.vb.general.discussion)
  • Re: ADSL Works but now Network is stuffed - Win2000 error
    ... There is a bug that I remember looking up on the Win2K support site. ... Say for example that you have ADSL and to get internet on the workstations you have to set DNS, then Windows can suffer delays logging on etc. ...
    (microsoft.public.win2000.networking)