Skip navigation
Menu
Security

Crashing CSM Proxy and NT

Crashing CSM Proxy and NT
Reported July 16, 98 by S.A.F.E.R. on BugTraq

SYSTEMS AFFECTED
  • Windows NT and Windows 95
  • CSM Proxy Server 4.1

DESCRIPTION

CSM Proxy accepts connection, even accepts username/password, and then checks if user is authorized (depending on source IP address) to access proxy server at all. This allows any user on Internet/Intranet to connect to port 21, send characters and crash the CSM Proxy server along with Windows NT. If CSM Proxy is located behind a firewall, only Intranet users are a threat.

HOW IT WORKS

If users sends 1030 characters or more to the FTP port (21), CSM Proxy will crash, and raise CPU usage to 100%. Restart of the proxy (Win95) or reboot (NT) is needed in order to recover system functionality.

CSM"S RESPONSE

They have been notified -- stay tuned to their Web site for a patch.

To learn more about new NT security concerns, subscribe to NTSD.

Credit:
Reported by: S.A.F.E.R on BugTraq
Posted here at NTSecurity.Net July 16, 1998
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
DevSecOps concept
90% of Java Services in Production Have Vulnerability Risk, DevSecOps Report Finds
Apr 20, 2024
Businesswoman challenges concept and gender obstacles
Women in Cybersecurity Face Barriers to Hiring, Advancement
Apr 15, 2024
person typing on keyboard with icons for certificates
Top IT Certifications for a Career in Finance
Apr 12, 2024
employee working on a laptop with AI
Why AI Coding Assistants May Be Greatest Cybersecurity Threat Facing Your Business
Mar 26, 2024