Bugtraq mailing list archives
UPDATE TO OOB FIX
From: aaronw () POBOX COM (Aaron Weintraub)
Date: Tue, 13 May 1997 02:28:38 -0400
----- PLEASE READ THIS DOCUMENT IN ITS ENTIRETY ------ May 13, 1997 2am EDT NEW INFORMATION DISCOVERED After you apply this patch, any TCP servers you run will not handle OOB data in an expected way. This can be anything from a minor inconvience to you to a major problem. Therefore, once again, if you do not feel comfortable doing this, wait for Microsoft's fix; one is expected soon. For example, FTP servers will not be able to process abort transfer commands correctly. NOTE: WORKS ON WINDOWS 95 ONLY. DO NOT APPLY TO WINDOWS NT NOTE: THIS PATCH IS PROVIDED TO YOU AT YOUR OWN RISK. NO ONE IS RESPONSIBLE TO ANY DAMAGE TO YOUR MACHINE EXCEPT YOU. IF YOU DO NOT UNDERSTAND THE CONSEQUENCES, WAIT FOR AN OFFICIAL MICROSOFT FIX. This is the latest and best(?) fix for the Windows 95 OOB hole that allows anyone to crash your machine. This fix works on all releases of Windows 95 (950/950a and 950b/1111[OSR2]). This patch *does* allow Netbios to work as it usually does (e.g. LAN f/p sharing) Simply double click on the .reg file included in this zip and reboot. You may then undo whatever temporary fix you have done. To undo it, you must use regedit to remove the BSDUrgent key entirely. Please let any one of us know of any troubles. Here is a direct quote from my source (for win95) http://www.microsoft.com/kb/articles/q158/4/74.htm Hkey_Local_Machine\System\CurrentControlSet\Services\VxD\MSTCP BSDUrgent = 0 or 1 If this value is 1, specifies that Microsoft TCP/IP is to treat urgent data the way some UNIX systems do (with a maximum of 1 byte of urgent data, for example). If this value is 0, it specifies that the stack is to handle urgent data as specified by RFC 1122. The default is 1. Aaron Weintraub (original and new information discoverer) aaronw () pobox com Skream (original testing) skream () coca net Matt Wilbur (new information testing) matt () efs org Jason Tackaberry (new information testing) tack () cyber-space net Jiva DeVoe (new information testing) jiva () devware com http://www.mydesktop.com/ for the latest in breaking news.
Current thread:
- Linux UID/GID 'Feature' David Phillips (May 10)
- Re: Linux UID/GID 'Feature' Steve \ (May 11)
- Re: Linux UID/GID 'Feature' Ariel Biener (May 11)
- Yet another WinNuke page. Nobody (May 11)
- Re: Linux UID/GID 'Feature' Jim Trocki (May 11)
- Re: Linux UID/GID 'Feature' Jon Lewis (May 11)
- more DoS fun Ghent (May 11)
- Re: Linux UID/GID 'Feature' Andrew G. Morgan (May 11)
- sendmail 8.8.6 Beta release available Jason R Mastaler (May 11)
- New Win95 OOB fix allows Netbios to be used Aaron Weintraub (May 12)
- UPDATE TO OOB FIX Aaron Weintraub (May 12)
- Re: New Win95 OOB fix allows Netbios to be used Ian MacPhedran (May 13)
- UPDATE TO OOB FIX Wojciech Swieboda (May 13)
- Re: ELM overflow security () home bti pl (May 14)
- Re: ELM overflow Michel GAUDET (May 16)
- potential root exploit with help from sam (HP-UX 10.x) David Hyams (May 14)
- Re: potential root exploit with help from sam (HP-UX 10.x) Trevor Schroeder (May 14)
- Sun Security Bulletin #00140 Sun Security Coordination Team (May 14)
- Non-executable stack -- final Linux kernel patch Solar Designer (May 14)
- NT4.0 SP3 Still vulnerable Aaron Spangler (May 15)
- MicroSolved finds hole in Ascom Timeplex Router Security Brent Huston (May 15)