Bugtraq mailing list archives
HP-UX 10.20 SharedX Receiver Service DoS
From: security () SIAMRELAY COM (Security Research Team)
Date: Fri, 16 Oct 1998 14:04:16 -0400
__________________________________________________________ S.A.F.E.R. Security Bulletin 981014.DOS.1.2 __________________________________________________________ TITLE: Vulnerability in SharedX Receiver Service (recserv) DATE: October 14, 1998 NATURE: Denial-of-Service PLATFORMS: HP-UX 10.20 (possibly others) DETAILS: By sending specific amount of characters to SharedX Receiver Service, remote (and local) users can perform DoS attack against HP-UX 10.20 machine. Recserv process reaches 100% (or less, depending on CPU usage by other processes) 3-5 minutes after attack, and has to be killed and restarted. FIXES: Hewlett-Packard has been notified on 03-September-1998, but patch is not available yet. __________________________________________________________ S.A.F.E.R. - Security Alert For Entreprise Resources Copyright (c) 1998 Siam Relay Ltd. http://siamrelay.com/safer --- security () siamrelay com __________________________________________________________
Current thread:
- Last (hopefully) update on GroupWise Simple Nomad (Oct 10)
- <Possible follow-ups>
- Last (hopefully) update on GroupWise Adrian Voinea (Feb 06)
- /tmp race in mc-4.5.0 Pavel Machek (Oct 12)
- Re: /tmp race in mc-4.5.0 Bennett Todd (Oct 14)
- Re: /tmp race in mc-4.5.0 Marc Heuse (Oct 14)
- [NTSEC] DoS attack in MS - Proxy 2.0 Jason Garms (Oct 15)
- IRIX xterm(1) exploitable buffer overflow SGI Security Coordinator (Oct 15)
- IRIX Xaw library exploitable buffer overflow SGI Security Coordinator (Oct 15)
- Microsoft Security Bulletin (MS98-015) Aleph One (Oct 16)
- HP-UX 10.20 SharedX Receiver Service DoS Security Research Team (Oct 16)
- Breaking Finger in AIX 4.2 aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa (Oct 20)
- Re: Breaking Finger in AIX 4.2 Troy A. Bollinger (Oct 20)
- Alert: IE 4.0 Security Zone compromise Aleph One (Oct 20)
- /tmp race in mc-4.5.0 Pavel Machek (Oct 12)
- Re: Annoying Solaris/CDE/NIS+ bug Frank Cusack (Oct 13)