Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

nukenabber-DoS.txt

🗓️ 17 Aug 1999 00:00:00Reported by Packet StormType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 34 Views

NukeNabber 2.9 and earlier are vulnerable to CPU DoS attacks; fixes unknown. Issues reported.

Code
`------------------------------------  
NOTE:  
NukeNabber 2.9 and earlier are vulnerable.  
nn29a.exe is NOT vulnerable.  
  
------------------------------------  
  
Date: Fri, 6 Nov 1998 01:46:17 -0600  
From: [email protected]  
To: [email protected]  
Subject: various *lame* DoS attacks  
  
Aleph,  
  
None of this is as cool as finding buffer overflows in sshd, but it may be  
of interest to some people.  
  
  
2) CPU DoS against NukeNabber (NT only?)  
  
I haven't tested this on anything other than Windows NT 4.0 SP3  
(Workstation & Server)  
  
How it works:  
  
NukeNabber listens on several ports for connections. You can configure it  
to listen on any port, but the standards are 1080, etc.  
If you telnet to the port of a machine that NukeNabber is listening on,  
NukeNabber apparently spawns a process called Report.exe. This process  
lasts anywhere from 30-90 seconds, and consumes ~100% CPU. The problem  
with this is fairly obvious. (note: when connecting to a port that  
NukeNabber is listening on, it's important that you don't type anything.  
Just let the connection sit and time out.)  
  
Fix:  
  
Unsure  
  
Has the author been notified?  
  
Yes, about 6 weeks ago. I received no reply.  
  
  
While we're on the subject of NukeNabber, I'll point something else out.  
NukeNabber has a nifty feature that establishes a DDE link with an IRC  
client. (mIRC or pirch) There are scripts written for both clients that  
have the option to kick/ban any host found to be "nuking" from all the  
channels that you're oped in, and can also /ignore them. This can become  
interesting when someone has a version of WinNuke that can spoof a source  
IP. If a person has the kick/ban/ignore feature active, you can turn them  
against the people in their channels quite easily. Again, lots of fun to  
be had here. (I believe the only "nuke" that NukeNabber listens for is a  
WinNuke.)  
  
  
I'm very aware that all the info presented here is rather lame. :)  
  
  
s1  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4
nukenabber vulnerabilitiesdenial of servicecpu dos attackwindows ntprocess spawningdde linkirc client.
34