Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

nobo-DoS.txt

🗓️ 17 Aug 1999 00:00:00Reported by Packet StormType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 39 Views

Nobo denial of service due to buffer overflow from large UDP packets can crash the program remotely.

Code
`Date: Thu, 4 Feb 1999 16:52:00 -0500  
From: Andrew J. Gavin <[email protected]>  
To: [email protected]  
Subject: NOBO denial of service  
  
As reported by [email protected] approximately a week ago, nobo (a back  
orifice scanning detector) has a buffer overflow problem that will crash  
the program remotely. Sending a UDP packet (larger than 1024 bytes) will  
give the error:  
  
A network error has ocurred: Message too long (10040-92)  
  
Sending 15 of these packets (the minimum required) will crash nobo (stack  
fault in kernel32.dll), with NOTHING recorded to the log file or to the  
screen.  
  
I tested this against nobo 1.2 from both Windows 98 and linux, giving the  
same results. Using 'assault' (included with the mIRC script "7th  
sphere", I believe) in Windows, for example, I was able to send 15 UDP  
packets at 1025 bytes in size, crashing my nobo. In linux, I was able to  
crash my nobo by echoing a string 1025 characters in length, piping it  
through nc (with the -u flag), and repeating 14 more times.  
  
I'm sure some nice scripts could be written to do this to a class C  
subnet. The only drawback to this is that it would be rather  
bandwidth-intensive (15 x 1025 bytes x 255).  
  
----------  
[email protected]  
k3nny or ChazeFroy on Efnet IRC  
  
-------------------------------------------------------------------------  
  
Nobo and Netbuster Dos  
  
Wolfgang Gassner ([email protected])  
Wed, 20 Jan 1999 09:46:56 PST   
  
Simply send Big Udp Packets to eg. Port 31337 and Mr. Nobo will see  
a Big error message at each Packet!!!  
As Default Nobo only Logs on screen and not into file that means  
you can erase your Ping!!  
I tested this on NT and W95 and after some time it will kill with  
a Overflow.  
  
-------------------------------------------------------------------------  
  
[email protected]  
Mon, 25 Jan 1999 16:39:22 -0300  
  
Hi,  
Somebody talk above Nobo crash, and how we can do it, is very simple,  
just put de lines:  
  
find /|nc -u 10.1.1.17 31337  
this make that the NetCat send data to the nobo (bobo) user (10.1.1.17)  
from stdin ("find / ").  
  
this break is easy and work over many OSs  
  
  
Saludos a todos  
Especialmente a los amigos de Freak  
  
By  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4
buffer overflowdenial of serviceudp packetsnetwork errorlog filewindowslinux
39