Exploit Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 - Denial of Service Duplicate Hostname

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
19238
Проверка EDB
  1. Пройдено
Автор
CARL BYINGTON
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-1999-0288
Дата публикации
1999-06-04
Microsoft Windows NT 4.0/4.0 SP1/4.0 SP2/4.0 SP3 - Denial of Service Duplicate Hostname
Код:
source: https://www.securityfocus.com/bid/298/info

NT Workstations and Servers must have unique hostnames if they reside on the same network. Should an NT host attempt to use an existing hostname, the second server (with the new duplicate name) will fail to start its workstation and server services. (Once the name has been changed to a unique value and has been rebooted, the host will operate normally).

Should an NT host claim the hostname of a "victim" NT host while that host is turned off, the "victim" host will be subject to a Denial of Service-like attack because the workstation and server services will fail to start. NT hosts are usually prevented from taking duplicate names within one domain they must register their existence with an NT Domain Controller when initially joining the domain. (This registration process must be performed by someone with administrator privileges.)

A situation has been noted wherein a Win95 host may register the victim hostname (with a WINS server) by setting the Win95 workgroup name equal to the victim's hostname. The next time the victim host is rebooted, it will fail to start the workstation and server services as the WINS server will report that the hostname is claimed by the Win95 host. 

Set the Win95 workgroup name equal to the hostname for the victim NT host. If the WINS server registers this hostname, and the victim NT host is rebooted, it will fail to start its workstation and server services.
 
Источник
www.exploit-db.com

Похожие темы