Pantek Library

Need help w/ Dell Windows security issue

From: Curt Wilson <netw3_security(at)hushmail.com>
Date: Wed Jan 15 2003 - 17:01:10 EST

I've found a DoS vulnerability in a Dell OpenManage application on a Win2K Advanced Server, and I am trying to discover if more can be done with the issue. I have little experience in working with vulnerabilities at the assembly and stack level.

Basically, a simple telnet to the open TCP port causes a particular service to die.

"an operation was attempted on something that is not a socket"
"the exception generated was c0000005 at address 00403234 {<nosymbols>}"

Dr. Watson - exception number: c0000005 (access violation)

FAULT -> 00403224 8b07 mov eax,[edi] ds:00000000=????????

(stack dump, etc. snipped for public posting)

I attempted to send many 0x41 chars, and then checked the various registers in the state dump (Dr. Watson log file), but it does not appear that my data is getting through. Something about the connection itself breaks the service, whether it's a raw connection or a connection through telnet. I'm trying to isolate what the application actually expects and hope to have more information soon.

For all I know, nothing else can be done. However, given that my skills in this particular area are in their early formative stage, maybe someone else can provide some insight.


If anyone is kind enough to help analyze this issue further, please drop me a line. If anyone else is running Dell servers with any of the OpenManage applications for Windows, please let me know.

Please direct any flames to /dev/null

Curt Wilson
Netw3 security
www.netw3.com

Received on Mon Jan 20 19:59:47 2003
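
The register check described in the post can be scripted when triaging a crash log of this kind. The following is an added example, not part of the original message: it parses a Dr. Watson style state dump, reports the address the faulting instruction touched, and looks for the 0x41 filler byte in the registers. Only the FAULT line comes from the post; the register values, the names `triage` and `SAMPLE_LOG`, and the 3-of-4-bytes threshold are assumptions made for illustration.

```python
import re

# Constructed sample in the style of a Dr. Watson state dump. Only the FAULT
# line is taken from the post; the register values are made up for illustration.
SAMPLE_LOG = """\
eax=00000000 ebx=0012fe94 ecx=00000003 edx=00000000 esi=00145a10 edi=00000000
eip=00403224 esp=0012fe40 ebp=0012fe68 iopl=0 nv up ei pl zr na po nc
FAULT -> 00403224 8b07 mov eax,[edi] ds:00000000=????????
"""

REG_RE = re.compile(r"\b(e[a-d]x|e[sd]i|e[sb]p|eip)=([0-9a-fA-F]{8})\b")
FAULT_RE = re.compile(
    r"FAULT\s*->\s*([0-9a-fA-F]{8})\s+([0-9a-fA-F]+)\s+(.+?)\s+"
    r"[a-z]s:([0-9a-fA-F]{8})=(\S+)"
)
NULL_PAGE_LIMIT = 0x10000  # lowest 64 KB is normally left unmapped on Win32


def triage(log, marker=0x41):
    """Summarise the faulting access and check registers for the filler byte."""
    regs = {name: int(val, 16) for name, val in REG_RE.findall(log)}
    m = FAULT_RE.search(log)
    if m is None:
        raise ValueError("no FAULT line found")
    target = int(m.group(4), 16)
    # Heuristic (assumption): a register counts as carrying the test data
    # if at least 3 of its 4 bytes equal the marker byte.
    tainted = sorted(
        name for name, val in regs.items()
        if val.to_bytes(4, "little").count(marker) >= 3
    )
    return {
        "fault_eip": int(m.group(1), 16),
        "instruction": m.group(3),
        "target": target,                          # address being read/written
        "unreadable": set(m.group(5)) == {"?"},    # debugger could not read it
        "null_page": target < NULL_PAGE_LIMIT,     # NULL-pointer style access
        "tainted_registers": tainted,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

On the constructed sample this reports a read from address 0 with no register holding the filler byte, which matches the post's observation that the sent data does not appear in the state dump.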

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:37 EDT

