Bugtraq mailing list archives
Re: BoS: Urgent !! Serious Linux Security Bug....
From: eburke () cslab vt edu (Eli Burke)
Date: Sun, 20 Oct 1996 21:14:42 -0400
cy>> > Today we saw an email from Linus Torvalds advising of a problem cy>> >with Linux and ping. Basically you can reboot a linux box remotely if cy>> >some scenario's are right. From what we can tell and this has all been cy>> >verified is: If anyone in the world with a Windows 95 machine can ping cy>> >your Linux box they can potentially reboot that machine.. cy>> cy>> Yes, but this attack another machines, AIX for example. cy>I just tested this against FreeBSD 2.1.5. The machine under attack, cy>a 486SX/25, got was for a while but recovered quite nicely. My Friend tested in this machines:1) Reboot: OSF/1 3.2C, Solaris2.4 x86 2) Ignored: *BSD, SunOS4.1.x, IOS, AIX3.2.5, VMS e Solaris 2.4 Sparc, Irix. 3) Respond: M$ e OS/2 4) Crash: Linux, AIX4, OSF <= 3.2C and AIX3.2.5 on Token-ring.
I tested this under OSF/1 3.2 and had no problems. Same for DUnix 4.0, Ultrix 4.4, Windows NT 4.0 (server and workstation), and FreeBSD 2.1.5. FreeBSD was the only one that showed any symptoms; the network card stopped responding for about two minutes, but I could belive that to be the fault of the lousy intel etherexpress driver. -- Eli Burke eburke () vt edu http://csugrad.cs.vt.edu/~eburke/
Current thread:
- Re: BoS: Urgent !! Serious Linux Security Bug.... Nelson Murilo (Oct 20)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Eli Burke (Oct 20)
- Re: BoS: Urgent !! Serious Linux Security Bug.... kewl aid smile (Oct 21)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Jon Lewis (Oct 21)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Alan Cox (Oct 22)
- <Possible follow-ups>
- Re: BoS: Urgent !! Serious Linux Security Bug.... Eli Burke (Oct 20)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Jared Mauch (Oct 20)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Oliver Xymoron (Oct 21)
- Ping problem patch page Mike Bremford (Oct 21)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Henrik P Johnson (Oct 21)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Jared Mauch (Oct 20)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Timothy Brown (Oct 21)
- Re: BoS: Urgent !! Serious Linux Security Bug.... Tazman (Oct 22)
(Thread continues...)