Bugtraq mailing list archives

Re: Urgent !! Serious Linux Security Bug....

From: vsv () logicnet ro (Stefanita Valeriu Vilcu)
Date: Tue, 22 Oct 1996 09:18:25 +0200


On Mon, 21 Oct 1996, Henrik P Johnson wrote:

On Sun, 20 Oct 1996, Jason T. Luttgens wrote:

        Today we saw an email from Linus Torvalds advising of a problem
with Linux and ping.  Basically you can reboot a linux box remotely if
some scenario's are right.  From what we can tell and this has all been
verified is: If anyone in the world with a Windows 95 machine can ping
your
Linux box they can potentially reboot that machine.. Hence a serious
denial of service OR loss of data.


This also works on HPUX 10.1, when I tried it I got a system panic and the
machine hang and didn't reboot.


It does not work on DG/UX 5.4.  These machines are insensible at this kind
of packets and drop them (the NT 4.0 ping reports "Request timed out" at
big packets, but it works with lower size ones).

Best Regards,

Stefanita Vilcu
---
Network Administrator, Logic Telecom S.A., Romania
E-mail: vsv () logicnet ro, phone: +40-1-3213635, fax: +40-1-3213730

Current thread:

Re: Urgent !! Serious Linux Security Bug.... James Cisco (Oct 19)
- Re: Urgent !! Serious Linux Security Bug.... Alan Cox (Oct 21)
  - Re: Urgent !! Serious Linux Security Bug.... Brian Clapper (Oct 21)
  - Re: Urgent !! Serious Linux Security Bug.... Chris Townsend (Oct 21)
- What about smbmount? (was: [linux-security] ncpmount/ncpumount) Kristian Köhntopp (Oct 21)
  - Re: What about smbmount? (was: [linux-security] Erki Simson (Oct 21)
- <Possible follow-ups>
- Re: Urgent !! Serious Linux Security Bug.... Jason T. Luttgens (Oct 20)
  - Re: Urgent !! Serious Linux Security Bug.... Henrik P Johnson (Oct 21)
    - Re: Urgent !! Serious Linux Security Bug.... Keith Bower (Oct 21)
    - Re: Urgent !! Serious Linux Security Bug.... Marc MERLIN (Oct 21)
    - Re: Urgent !! Serious Linux Security Bug.... Stefanita Valeriu Vilcu (Oct 22)
    - Re: Urgent !! Serious Linux Security Bug.... Jon Lewis (Oct 22)
    - Ping exploit program Bill Fenner (Oct 22)
    - Re: BoS: Ping exploit program Darren Reed (Oct 23)
- Re: Urgent !! Serious Linux Security Bug.... don larmee (Oct 21)
  - Re: Urgent !! Serious Linux Security Bug.... Valdis.Kletnieks () vt edu (Oct 21)
  - Re: Urgent !! Serious Linux Security Bug.... Jon Lewis (Oct 21)
- Re: Urgent !! Serious Linux Security Bug.... Jean-Francois Zwobada (Oct 21)
  - Re: Urgent !! Serious Linux Security Bug.... Jochen Friedrich (Oct 22)
  - The Ping Denial of Service bug on almost all Unixes The Ghost who Admins (Oct 22)
    - Re: The Ping Denial of Service bug on almost all Unixes Brett L. Hawn (Oct 22)

(Thread continues...)