Bugtraq mailing list archives

Re: Possible DoS in rsh

From: nick () ZETA ORG AU (Nick Andrew)
Date: Fri, 9 Oct 1998 10:08:46 +1000


In message <199810061943.PAA28852 () bajor ici net>, Shivan Dragon writes:

I don't know if this has been posted before so here it is. If you link your
.rhosts file (or hosts.equiv?) to /dev/zero. When you try to rsh it tried to
read /dev/zero that is of infinate length.


Programs (esp. daemons) which run as root should refuse to read control
files which are symlinks (and home directories should not be on the same
partition as /dev!).

A similar DoS may be possible by symlinking .forward, .qmail, .plan etc.

Nick.

Current thread:

Possible DoS in rsh Shivan Dragon (Oct 06)
- WARNING: By-passing MS Proxy packet filtering Mnemonix (Oct 06)
- tooltalk vulnerable on Digital Unix ?? Andrew Daviel (Oct 08)
- Re: Possible DoS in rsh Nick Andrew (Oct 08)
- Secure Locate v1.0 Kevin Lindsay (Oct 08)
- Re: Possible DoS in rsh Kragen (Oct 15)
- <Possible follow-ups>
- Re: Possible DoS in rsh Henrik Nordstrom (Oct 08)