Bugtraq mailing list archives
Solaris Ping Bug and other [bc] oddities
From: owner-bugtraq () NETSPACE ORG (Aleph One)
Date: Fri, 23 Jun 2017 07:13:33 -0400
Greets, Just finished reading through the 'Summary' of Solaris Ping bud (DoS)' email and figured I would empart a bit of ?wisdom? with people. First, let me say this isn't a slam on Dan Bell. Now that that's out of the way. For those thinking about following Dan Bell's <dbell () blaze cs jhu edu> lead:
The only solution I've got (as I lack working code for ping), has actually been to use my ancient SunOS version in binary compatibility mode. It's a disgusting thing to do, but the old version doesn't have this bug. I've only applied this kludge on undergraduate machines, where I know they'll crash them just for the hell of it :).
Not only is is a disgusting solution but a very insecure one. This relies upon libbc (if memory serves), which ostensibly stands for Binary Compatibility. In fact we know this to really stand for lib Before Christ. It's your choice should you take this route and not the others - let the user crash the machine... or give them route through the binary compatibility routines (buffer overflows, popen's etc. etc.). I highly recommend people pulling binaries from SunOS machines and trussing them on Solaris. Guranteed to cheer up even the most manic depressive. .mudge
Current thread:
- Re: Solaris Ping bug (DoS), (continued)
- Re: Solaris Ping bug (DoS) Francesco Messineo (Jun 26)
- 'sec-fix' for NT 3.51 Aleph One (Jun 26)
- Problem in dxterm (ULTRIX) Trevor Schroeder (Jun 26)
- Re: Solaris Ping bug (DoS) Philip Kizer (Jun 26)
- Solaris Ping bug(inetsvc) Renteria Tabares J. (Jun 27)
- Announce: ypcat for Win NT/95 Aaron Spangler (Jun 27)
- Re: Solaris Ping bug (DoS) Geoff Mulligan (Jun 27)
- Win95 ping bug nomad () APOLLO TOMCO NET (Jun 29)
- Re: Solaris Ping bug (DoS) Jon Edwards (Jun 30)
- Alert: Routing and RAS Filtering issue Aleph One (Jun 27)
- Solaris Ping Bug and other [bc] oddities Aleph One (Jun 23)
- Re: [ADVISORY] 4.4BSD Securelevels Howie Kaye (Jun 26)
- Re: [ADVISORY] 4.4BSD Securelevels Thomas H. Ptacek (Jun 26)
- SUMMARY: Solaris Ping bug (DoS) Gnuchev Fedor (Jun 27)
- Security hole affects many cvs pserver installations Aleph One (Jun 27)