Re: Urgent !! Serious Linux Security Bug....

[dufresne () parka winternet com (Ron DuFresne)]

I've gotta start questioning the testing process folks are using since
there are so many conflicting results being reported in which OS' and
kernel levels are vulnerable, or am I reading these too fast and the
conflicts only in my mind here?

Later,

Ron DuFresne

On Mon, 21 Oct 1996, Jean-Francois Zwobada wrote:

> Henrik P Johnson wrote:
> > On Sun, 20 Oct 1996, Jason T. Luttgens wrote:
> >
> > >         Today we saw an email from Linus Torvalds advising of a problem
> > > with Linux and ping.  Basically you can reboot a linux box remotely if
> > > some scenario's are right.  From what we can tell and this has all been
> > > verified is: If anyone in the world with a Windows 95 machine can ping
> > > your
> > > Linux box they can potentially reboot that machine.. Hence a serious
> > > denial of service OR loss of data.
>
> BSDish Unices (BSD/OS v2.1, SunOS 4.1.x) and Solaris 2.5 don't reply. NT
> just responds.
>
> > This also works on HPUX 10.1, when I tried it I got a system panic and the
> > machine hang and didn't reboot.
>
> Another good bug of the week for the Scriptors of Doom :o)
>
> --
> _____ Jean-Francois Zwobada (mailto:zwobada () apogee-com fr) _______
>
> Apogee Communications              Tel    : +33 (1) 69 85 56 47
>                                    Fax    : +33 (1) 69 85 56 48
>
> This guy is powered by a Z81 - Best Viewed using plain text
> _________________________________________________________________

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.