[plug] bringing insert-OS-here to its knees
Leon Brooks
leon at brooks.fdns.net
Wed Feb 28 13:29:38 WST 2001
Christian wrote:
> On Wed, Feb 28, 2001 at 10:48:44AM +0800, Leon Brooks wrote:
>> Windows 9X, definitely not. At last count, it was still possible to send
>> semi-random ICMP to a 9X box and sooner or later it dies.
> Do you have any links to further info about this vulnerability?
Not to hand, but they do exist. Just like the M$ claim that NT syscalls
were fully validated and so invulnerable to mistakes in syscall
paramaters: somebody actually tried it and got through some miserably
low average number of random syscalls before gutting NT each time.
> Microsoft has been pretty good about releasing patches in recent times
> so I'd be suprised if this problem exists and isn't fixed. However,
> your words "sooner or later it dies" makes it sound like Windows normal
> behaviour and not really linked to any actual malicious attack... ;-)
I'd like to get all picky and point out the dichotomy between ``normal''
meaning ``how it is intended to be'' and either ``typical'' or
``common'' meaning ``how it actually is.'' (-:
--
An employer once said, "What if I train my people and they leave?"
I say, "What if you don't train them... and they stay...?"
More information about the plug
mailing list