Bugtraq mailing list archives
Re: RFP9903: AeDubug vulnerabilty
From: davidz () IHUG COM AU (David Zverina)
Date: Thu, 14 Oct 1999 21:04:40 +1000
It is possible to disable this behaviour (which I always do for servers) by starting Dr Watson (Run: drwtsn32) and deselecting the "Visual Notification Checkbox". While there I also usually disable the create crash dump file as this can take quite a while for large processes and the machine runs like a dog in the meanwhile. Dave. --- David Zverina Engineer - Black Ice Software "This message transmitted on 100% recycled electrons."
-----Original Message----- From: Bugtraq List [mailto:BUGTRAQ () SECURITYFOCUS COM]On Behalf Of Steve Coleman Sent: Wednesday, 13 October 1999 0:15 To: BUGTRAQ () SECURITYFOCUS COM Subject: Re: RFP9903: AeDubug vulnerabilty Mark Dixon wrote:Does the debugger fire when no one is logged in ? I imagine it does but I've never seen a Dr Watson at the login screen.I once had an NT cron job that would invoke Dr Watson late at night when ever a certain piece of network hardware was not accessible. The Dr Watson would hang until someone logged in and clicked the Ok button. During the interum, since my application instance was still loaded in memory, a new instance could not be run at any subsequently scheduled time. It seems to me that this behaviour could be classified as a DOS attack if someone knew how to force a Dr Watson for a given process. I don't recall what version of Dr Watson but I do know that it occured with both NT 3.51 and NT 4.0 sp3. -- Steve Coleman <Steve.Coleman () jhuapl edu> http://www.jhuapl.edu/ <<--------->> Johns Hopkins Applied Physics Laboratory <<---------->> Balt:443-778-6330 Fax:443-778-5597 Wash:240-228-6330 Fax:240-228-5597
Current thread:
- Re: RFP9903: AeDubug vulnerabilty Mark Dixon ext3456 (Oct 05)
- Re: RFP9903: AeDubug vulnerabilty David LeBlanc (Oct 07)
- <Possible follow-ups>
- Re: RFP9903: AeDubug vulnerabilty Mark Dixon (Oct 09)
- Re: RFP9903: AeDubug vulnerabilty Steve Coleman (Oct 12)
- Re: RFP9903: AeDubug vulnerabilty David Zverina (Oct 14)
- Re: RFP9903: AeDubug vulnerabilty David LeBlanc (Oct 12)
- Re: RFP9903: AeDubug vulnerabilty Jesper M. Johansson (Oct 12)
- Resistance is futile, or what I learned trying to secure the scanner Blue Boar (Oct 12)
- SECURITY: RHSA-1999:040 New PAM packages available Cristian Gafton (Oct 12)
- Re: RFP9903: AeDubug vulnerabilty Steve Coleman (Oct 12)