[plug] bringing insert-OS-here to its knees
Christian
christian at amnet.net.au
Wed Feb 28 15:30:25 WST 2001
On Wed, Feb 28, 2001 at 01:29:38PM +0800, Leon Brooks wrote:
> > Do you have any links to further info about this vulnerability?
>
> Not to hand, but they do exist. Just like the M$ claim that NT syscalls
> were fully validated and so invulnerable to mistakes in syscall
> paramaters: somebody actually tried it and got through some miserably
> low average number of random syscalls before gutting NT each time.
I couldn't find anything about what you describe in the SecurityFocus
vulnerability database. There were a couple of remote DoS problems with
Windows but there were patches for all of them.
> > Microsoft has been pretty good about releasing patches in recent times
> > so I'd be suprised if this problem exists and isn't fixed. However,
> > your words "sooner or later it dies" makes it sound like Windows normal
> > behaviour and not really linked to any actual malicious attack... ;-)
>
> I'd like to get all picky and point out the dichotomy between ``normal''
> meaning ``how it is intended to be'' and either ``typical'' or
> ``common'' meaning ``how it actually is.'' (-:
I don't think "normal" ever means "how it is intended to be" although
people often like to misuse it that way. It simply means that which is
the norm.
More information about the plug
mailing list