Bugtraq mailing list archives

Windows95 Proxy DoS Vulnerabilites

From: ryann () THE-BRIDGE NET (Ryan Nichols)
Date: Thu, 2 Jul 1998 20:37:32 -0500


While playing with a proxy server the other day, I have accidently
stumbled across two remote bugs in numerous proxy servers. Those
affected are "WinGate and StarTech". Both companies have been previously
notified of their vulnerability, and in WinGate's case I guess it has
been patched already.

The bug is pretty straight forward, telnet to the proxy server at its
pop3 port and type

For WinGate:
    USER x#99999.....

    With lots of nine's, the proxy server stops responding and needs to
be restarted.

For Startech:
     USER x<9999999.....>

      Once again, as many nines as possible, startech quits responding.

In Startech's case, this can also be done in the telnet daemon part of
it also...

Havent tried much others...

My Startech proxy server did not have a version number on it, and the
Wingate's wasn't available. Sorry, I will try to get this in tommarrow
if neccessary...


    -Ryan
     (ryann () the-bridge net / http://www.the-bridge.net/~ryann)

Current thread:

ircd 2.9.5 & ircii-pana DNS problems Michal Zalewski (Jun 30)
- qpopper2.52 Alan J Rosenthal (Jul 02)
  - Re: qpopper2.52 Dan Jacobowitz (Jul 02)
  - ALERT: Microsoft IIS ASP - $DATA issue update Aleph One (Jul 02)
- Re: ircd 2.9.5 & ircii-pana DNS problems Valdis.Kletnieks () VT EDU (Jul 02)
- SECURITY: redhat, the saga continues.. twiztah (Jul 02)
  - Windows95 Proxy DoS Vulnerabilites Ryan Nichols (Jul 02)
  - Re: SECURITY: redhat, the saga continues.. Jim Bourne (Jul 02)
  - Re: SECURITY: redhat, the saga continues.. Chris Adams (Jul 03)
  - more about 'at' J.A. Gutierrez (Jul 03)