CSM Proxy and NT
Reported July 16, 98 by S.A.F.E.R. on BugTraq SYSTEMS AFFECTED
CSM Proxy accepts connection, even accepts username/password, and then checks if user is authorized (depending on source IP address) to access proxy server at all. This allows any user on Internet/Intranet to connect to port 21, send characters and crash the CSM Proxy server along with Windows NT. If CSM Proxy is located behind a firewall, only Intranet users are a threat.HOW IT WORKS
If users sends 1030 characters or more to the FTP port (21), CSM Proxy will crash, and raise CPU usage to 100%. Restart of the proxy (Win95) or reboot (NT) is needed in order to recover system functionality.CSM"S RESPONSE
They have been notified -- stay tuned to their Web site for a patch.
To learn more about new NT security concerns, subscribe to NTSD.Credit:
Reported by: S.A.F.E.R on BugTraq
Posted here at NTSecurity.Net July 16, 1998