Bugtraq mailing list archives
Re: BSDI inetd crash
From: assembly () MIS03 MINDINFO COM (FrontLine Assembly)
Date: Wed, 8 Apr 1998 15:17:16 -0700
On Tue, 7 Apr 1998, Mark Schaefer wrote:
This is a serious bug in BSDI 3.1 servers. One of my coworkers was playing with the nmap utility which was mentioned here the other day, and he managed to crash inetd on our servers. We quickly duplicated the attack against a Linux box running RedHat 4.2, and it did not happen. I tried again, myself, on a non-critical BSDI 3.1 server. It happened again.
This not only affects BSDi BSD/OS 3.1 but 3.0, 2.1, & 2.0. It also crashes when the Win 95/NT program portscan.exe (made by 7thsphere) is run against the host. .-----------------------------------------------------------------. | FrontLine Assembly | " You Are Only Alive Because Someone Has | | |___. Decided To Let You Live " - KMFDM | | assembly () leviathan org | URL: http://www.leviathan.org/ | | |----------------------------------------' `------------------------' Type Bits/KeyID Date User ID pub 2048/19490121 1997/07/14 FrontLine Assembly -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3i Comment: Requires PGP version 2.6 or later. mQENAzPJ0MgAAAEIAMn9IayyCXcDulFBfQtx64JBgJwbcvCcdX4FoBsdryl47bWq gx2A9c7Xe1hlhE2f3z/29M/miDxmuZndqFTnQDXd5yRmFoD9KF/Dfyw2o4EiPPPg kF13xPujz1mIOxlijrRkLjIx/kfHHakYVDCWL4hEfSFqsSsH6aibDf0jFAm28X8j 1PwbgwuwBvvbW6VRtgcoMt4lr9FbBoYiN3P4IHSGjgAA6llAG/0dxtfMV4mqxzw0 mW5GOTrti5Izehd9AOOHRxWxPdyBn6vI5lrm4E1FvaEzv9gKXKEt3ebGev79GY/s Kd4zivxJRqYWUCO/AMaeYf3csURITWiW3RlJASEABRG0EkZyb250TGluZSBBc3Nl bWJseYkBFQMFEDPJ0MlNaJbdGUkBIQEB3QAH/i1zVnYe/Y041VMQwvYzVTmRk57d 2YFqUbIR9oZKlPgq88iZ0p0gaJ22m2Ywx75xCKIlm5fslB86Sm5Xry2O/Q/RK0IG LaUVHJ7F4xRrgoOQcmIpwLMU2F8C3JkzUcdVNvAVCPpJiFaDGZzFgKJMX/YxjvQF OnENcH9wOvzvMHnFak38Q31DvmEG/rL4RqNWVnD+2iNV4SnvevNI/q41Rsfil/9x gezekBWnAcevX4Torefs/bFxwqlxjQ9jD/ZeU8pIRAXTMD7dHxHTFK09zs8vvibU 1mqpMZR/Mu11m8/cFRkl7fclByVY1hdaNRtxMYs6JPd1i8QDrKCA82UP18U= =MVqB -----END PGP PUBLIC KEY BLOCK-----
Current thread:
- BSD coredumps follow symlinks Denis Papp (Mar 28)
- nmap -U <host> undetectable by netranger v2.0 Codex (Apr 01)
- portmap 4.0-8 DoS Michal Zalewski (Apr 01)
- Re: portmap 4.0-8 DoS Peter van Dijk (Apr 07)
- BSDI inetd crash Mark Schaefer (Apr 07)
- Re: BSDI inetd crash FrontLine Assembly (Apr 08)
- SGI O2 ipx security issue Fabrice Planchon (Apr 08)
- BIND vulnerability test program.. Joshua J. Drake (Apr 09)
- (Q) Sun Rpcbind problem. Chiaki Ishikawa (Apr 10)
- Re: (Q) Sun Rpcbind problem. Casper Dik (Apr 10)
- Wietse's RPCBIND Wietse Venema (Apr 10)
- announce: weaken for netscape !! (fwd) Ken Williams (Apr 10)
- Communicator exploits Fernand Portela (Apr 10)
- Sun rpcbind Nicolas Dubee (Apr 10)
- Re: Sun rpcbind Aaron Bornstein (Apr 10)
- QW vulnerability Glenn F. Maynard (Apr 07)