Advisories : Rideway PN Telnet DoS

main menu

- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news

discussions

- read forum
- new topic
- search

meetings

- meetings list
- recent additions
- add your info

top 100 sites

- visit top sites
- sign up now
- members

webmasters

- add your url
- add domain
- search box
- link to us

projects

- our projects
- free email

m4d network

- security software
- secureroot
- m4d.com

Home : Advisories : Rideway PN Telnet DoS

Title:	Rideway PN Telnet DoS
Released by:	Strumpf Noir Society
Date:	13th November 2000
Printable version:	Click here

Strumpf Noir Society Advisories

! Public release !

<--#





-= Rideway PN Telnet DoS =-



Release date: Tuesday, November 14, 2000





Introduction:



RideWay PN is a proxy server application that enables multiple users to

share resources and files and that allows users to access the Internet

simultaneously through one shared Internet connection.



Rideway PN can be found at vendor ITServ Inc's website,

http://www.itserv.com





Problem:



When Rideway PN is running with the telnet proxy service enabled,

sending several random streams of data to this port (default=23) can

cause the server to deny access to all services.





Demonstration:



Below is the response in the RPN logs after sending 5 requests

containing basically you're home-grown 200 byte buffer.



11/06/00 18:12:57 Error(11001): WSAHOST_NOT_FOUND

(gethostbyname)(NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN)

(DnsNameToIP)

11/06/00 18:12:57 Connect(1): need secure dest

NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN/06/00

18:12:57 Connect(1): need secure dest

NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN/06/00

18:13:01 Error(11001): WSAHOST_NOT_FOUND

(gethostbyname)(NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN)

(DnsNameToIP)

11/06/00 18:13:01 Connect(1): need secure dest

NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN/06/00

18:13:01 Connect(1): need secure dest

NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN/06/00

18:13:05 Error(11001): WSAHOST_NOT_FOUND

(gethostbyname)(NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN)

(DnsNameToIP)

11/06/00 18:13:05 Connect(1): need secure dest

NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN/06/00

18:13:05 Connect(1): need secure dest

NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN/06/00

18:36:20 Debug: ============ Initialize RideWay PN Server (161)

============



After this you'll find the services on the system are frozen untill the

server is restarted.





(..)





This problem was tested against Rideway PN v6.22 running on

Win95/98/NT/2K. Vendor was notified twice, but has yet to respond.



yadayadayada



SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)

compliant, all information is provided on AS IS basis.

EOF, but Strumpf Noir Society will return!