I can confirm this happens in the following configuration:
Windows95 + SP1 + msdun12.exe + ws2setup.exe + vtcpup20.exe + vipup20.exe
(patched in this order). Since ws2setup.exe essentially upgrades Win95 to
OSR2 this should imply OSR2 is also vulnerable to this.
The symptoms that I could see were the following:
The application doing the DNS lookup (I used the lookup function of
WSPING32 of WSFTP Pro) makes the entire system freeze. ALT-CTRL-DEL shows
this application as 'not responding'. Killing the program off frees the
system again. However most programs using winsock at the time, including
network stuff started after that, lost the network. However, doing a 'ping'
from the commandline with a numerical IP address still worked, so the stack
doesn't appear to be entirely dead. However it looks like this is using a
different part of the stack, because doing a manual 'ping' with the same
address that knocked WSPING32 of its feet (blhad.yahoo.com) merely resulted
in an 'unknown host' message.
The problem does not occur when the network is not active at the moment the
'13-char killer' is dropped. I _have_ to be dialed in to make it crash.
So if you want to test your system be sure:
1) To test it with a Windows95 application: the command line utils don't
crash
the stack and neither does a crash influence them
2) You can unfreeze your system by killing off the offending application,
for the network to come back you need to reboot though. Maybe simply
getting
rid of the TCP/IP stack, like by disabling the network card, would also
help (can't test that here, no Ethernet at home ;-))
Could other people confirm the following:
* Does this only happen with the newest WS2 or also with the one that comes
wit
the Winsock SDK that was released previously?
* Does this also happen when vipupd20.exe and vtcpupd20.exe have not been
used?
If this is the case I am seriously considering downgrading back to winsock 1.1
$) Henri
$) Henri