winproxy.txt

1999-08-17T00:00:00
ID PACKETSTORM:15354
Type packetstorm
Reporter Packet Storm
Modified 1999-08-17T00:00:00

Description

                                        
                                            `Date: Thu, 2 Jul 1998 20:37:32 -0500  
From: Ryan Nichols <ryann@THE-BRIDGE.NET>  
Subject: Windows95 Proxy DoS Vulnerabilites  
  
While playing with a proxy server the other day, I have accidently stumbled  
across two remote bugs in numerous proxy servers. Those affected are  
"WinGate and StarTech". Both companies have been previously notified of  
their vulnerability, and in WinGate's case I guess it has been patched  
already.  
  
The bug is pretty straight forward, telnet to the proxy server at its  
pop3 port and type  
  
For WinGate:  
USER x#99999.....  
  
With lots of nine's, the proxy server stops responding and needs to  
be restarted.  
  
For Startech:  
USER x<9999999.....>  
  
Once again, as many nines as possible, startech quits responding.  
  
In Startech's case, this can also be done in the telnet daemon part of  
it also...  
  
Havent tried much others...  
  
My Startech proxy server did not have a version number on it, and the  
Wingate's wasn't available. Sorry, I will try to get this in tommarrow  
if neccessary...  
  
  
-Ryan  
(ryann@the-bridge.net / http://www.the-bridge.net/~ryann)  
`