Bugtraq mailing list archives
Re: Security Hole in Axent ESM
From: shields () CROSSLINK NET (Michael Shields)
Date: Mon, 31 Aug 1998 18:24:30 +0000
In article <199808300501.BAA08612 () Bahamut dragonfire net>, Andy Church <achurch () DRAGONFIRE NET> wrote:
In other words, if you can't manually set the clock back, get the system to do it for you. And if the system doesn't allow the clock to "turn over", then all sorts of things will go bonkers when the clock hits its maximum (cron jobs, for one), turning this into a DoS of sorts. So I don't see this as a particularly effective measure. One way I could see to make this more effective would be to use 64-bit times and disallow both setting the clock back and changing the top 2 bits to anything other than zero. This would break the rollover attack without causing any premature Y2k-like problems (2^62 seconds ~= 10^13 years).
This is still a DOS of sorts, as you can set the clock to 2^62-1, and then it will be impossible to return the clock to the correct time without rebooting. Many things will probably be unhappy to find themselves 10^13 years in the future. -- Shields, CrossLink.
Current thread:
- Re: Buffer overflows in Minicom 1.80.1 Willy TARREAU (Aug 31)
- Re: Security Hole in Axent ESM Michael Shields (Aug 31)
- Re: Buffer overflows in Minicom 1.80.1 Alan Cox (Aug 31)