Bugtraq mailing list archives
Slow vendor response
From: alan () lxorguk ukuu org uk (Alan Cox)
Date: Fri, 20 Dec 1996 19:44:15 +0000
bugtraq can provide. (Not that the vendor contact seems to matter much, I note Sun is still investigating the ping problem that everyone else has fixed.)
IMHO thats just Sunksoft. The rsh bug isnt fixed yet. Now thats almost a year old. We passed it to folks in Sun. Later I brought it up in usenet and Mark Graff of sun asked me about it. Can't see any fix reports for it. Lets see some response folks. [This is the ifr.ifr_flags=0; strcpy(ifr.ifr_name,"lo"); ioctl(0, SIOCSIFFLAGS,&ifr); run with rsh remotebox program and down goes their loopback. I've not played with this and ssh. I think ssh is safe because you never get the original socket handle passed to a user program.] Alan
Current thread:
- Re: Possible Denial of Service: SSH, (continued)
- Re: Possible Denial of Service: SSH Toomas Soome (Dec 18)
- Re: Possible Denial of Service: SSH Jim Dennis (Dec 18)
- Re: Possible Denial of Service: SSH Sven Gestegard (Dec 18)
- Exploit for ppp bug (FreeBSD 2.1.0). Leshka Zakharoff (Dec 18)
- CIAC Bulletin H-17: cron/crontab Buffer Overrun Vulnerabilities David Crawford (Dec 19)
- NT vulnerable to attack on CPU Aleph One (Dec 19)
- CERT/AUCERT Mycroft (Dec 19)
- Re: CERT/AUCERT itudps (Dec 19)
- Re: CERT/AUCERT Aleph One (Dec 19)
- Re: CERT/AUCERT Theo de Raadt (Dec 19)
- Slow vendor response Alan Cox (Dec 20)
- CERT Bashing, etc Aleph One (Dec 19)
- Re: CERT/AUCERT Yuri Volobuev (Dec 19)
- Re: CERT/AUCERT Tung-Hui Hu (Dec 19)
- TCP bug on old Solaris box ? Gilles Soulet (Dec 20)
- Re: TCP bug on old Solaris box ? Nathan Lawson (Dec 21)
- Buffer overflow in Linux's login program Joe Zbiciak (Dec 22)
- Solaris 2.5 x86 aspppd (semi-exploitable-hole) Thamer Al-Herbish (Dec 20)
- CERT, CIAC, etc. and unethical practices Thamer Al-Herbish (Dec 20)
- ANNOUNCE: Crack v5.0a available... Alec Muffett (Dec 20)
- Security Survey Aleph One (Dec 20)
- Re: Possible Denial of Service: SSH Toomas Soome (Dec 18)