Posted to dev@apr.apache.org by Luke Kenneth Casson Leighton <lk...@samba-tng.org> on 2001/07/16 16:31:00 UTC

[ajv@E-SECURE.COM.AU: Re: Remote DoS attack against SSH Secure Shell for Windows Servers Vulnerability]

uh... just in case you hadn't seen this.  i'm forwarding it
because i think it might be relevant.

all best,

luke

----- Forwarded message from Andrew van der Stock <aj...@E-SECURE.COM.AU> -----

Approved-By: Russ.Cooper@RC.ON.CA
Date:         Mon, 16 Jul 2001 19:47:56 +1000
From: Andrew van der Stock <aj...@E-SECURE.COM.AU>
Subject:      Re: Remote DoS attack against SSH Secure Shell for Windows
              Servers Vulnerability
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
In-Reply-To:  <NC...@ussrback.com>

Almost every program using MS's C Runtime library for select() will suffer
from this problem. This vulnerability is only a problem if it listens on a
port. For example, nslookup.exe from Microsoft uses a whole bunch of CRT
calls, including select(), but doesn't listen on any ports.

Look for programs that use select(), and load msvcrt.dll (or close
relations, and/or statically link with them). The CRT has been known broken
for a long time.

If you port programs from Unix-land, please do yourselves a favor, and
change code that relies heavily on select() or poll() to use native winsock
async I/O. Not only do you get far higher throughput, it's likely that you
will be far more robust.

Andrew

-----Original Message-----
From: Windows NTBugtraq Mailing List
[mailto:NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM]On Behalf Of USSR Labs
Sent: Friday, 16 March 2001 05:42
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Subject: Remote DoS attack against SSH Secure Shell for Windows Servers
Vulnerability
Importance: High


[snip]
Topic:              Remote DoS attack against SSH Secure Shell for
Windows Servers Vulnerability


----- End forwarded message -----
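
An added example, not part of the original e-mails: a small PE import-table reader that applies the check suggested in the forwarded message, flagging a binary that imports select() by name and also loads msvcrt.dll or a relative. Matching "close relations" by the `msvcr` name prefix, and the function names used here, are assumptions of this example; statically linked CRT code and imports made by ordinal (listed as `#n`) are not detected.

```python
import struct
import sys

def _cstr(data, off):
    return data[off:data.index(b"\0", off)].decode("ascii", "replace")

def pe_imports(data):
    """Return {dll_name_lowercased: [imported names]} from a PE import table."""
    pe = struct.unpack_from("<I", data, 0x3C)[0]            # e_lfanew
    if data[:2] != b"MZ" or data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, opt_size = struct.unpack_from("<H12xH", data, pe + 6)
    opt = pe + 24
    plus = struct.unpack_from("<H", data, opt)[0] == 0x20B  # PE32+ (64-bit)
    imp_rva = struct.unpack_from("<I", data, opt + (112 if plus else 96) + 8)[0]
    secs = [struct.unpack_from("<8x4I", data, opt + opt_size + 40 * i)
            for i in range(nsec)]
    def off(rva):  # relative virtual address -> file offset
        for vsize, va, rawsize, rawptr in secs:
            if va <= rva < va + max(vsize, rawsize):
                return rva - va + rawptr
        raise ValueError("RVA outside all sections")

    fmt, width, by_ordinal = ("<Q", 8, 1 << 63) if plus else ("<I", 4, 1 << 31)
    imports = {}
    desc = off(imp_rva) if imp_rva else None
    while desc is not None:
        ilt, _, _, name_rva, iat = struct.unpack_from("<5I", data, desc)
        if not name_rva:          # all-zero descriptor ends the table
            break
        names = imports.setdefault(_cstr(data, off(name_rva)).lower(), [])
        t = off(ilt or iat)       # walk the lookup table, else the IAT
        while thunk := struct.unpack_from(fmt, data, t)[0]:
            names.append("#%d" % (thunk & 0xFFFF) if thunk & by_ordinal
                         else _cstr(data, off(thunk & 0x7FFFFFFF) + 2))
            t += width
        desc += 20
    return imports

def select_crt_check(data):
    """The e-mail's heuristic: imports select() by name and loads msvcr*.dll."""
    imps = pe_imports(data)
    crt = sorted(d for d in imps if d.startswith("msvcr"))  # assumed prefix
    sel = sorted(d for d, names in imps.items() if "select" in names)
    return {"crt": crt, "select_from": sel, "flagged": bool(crt and sel)}

if __name__ == "__main__":        # usage: python script.py file.exe ...
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, select_crt_check(fh.read()))
```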