Bugtraq mailing list archives
Re: DOS against SuSE's identd
From: sarnold () WILLAMETTE EDU (Seth R Arnold)
Date: Tue, 17 Aug 1999 11:49:27 -0700
Hendrik (and other posters), when finding similar problems in SuSE or other products, you may also wish to post to the related-product security list, such as such as suse-security () suse com. Not all who use a product read bugtraq, many read only the list specific to themselves. (their loss perhaps. :) Thanks On Sat, Aug 14, 1999 at 08:29:48PM -0000, Hendrik Scholz wrote:
Hi! The inetd.conf starts the identd with the options -w -t120 -e. This means that one identd process waits 120 seconds after answering the first request to answer later request. Lets say we start 100 requests in a short period. Due to the fact that it takes time to answer one request more identd's will be started each eating up about 900kb memory and waiting 120 seconds before terminating. I tested this behaviour on different machines with different hardware (RAM, Swap, NIC). Each machine becomes unusable after some seconds. This bug is in _every_ SuSE Version at least since 4.4. SuSE seems not to be interested in this bug becaus they did not answer any of my mails. CU, Hendrik
-- Seth Arnold | ICQ 3172483 | http://cswww.willamette.edu/~sarnold/ I prosecute unsolicited bulk emails, using the RealTime BlackHole List. You should too. Ask me how, or visit http://maps.vix.com/rbl/
Current thread:
- Possible Denial Of Service using DNS Carlos Veira (Aug 10)
- Re: Possible Denial Of Service using DNS marka () ISC ORG (Aug 10)
- Re: Possible Denial Of Service using DNS David Schwartz (Aug 10)
- QMS 2060 printer security hole Frank Bures (Aug 18)
- DOS against SuSE's identd Hendrik Scholz (Aug 14)
- Re: DOS against SuSE's identd Danton Nunes (Aug 16)
- Re: DOS against SuSE's identd Volker Wiegand (Aug 17)
- Re: DOS against SuSE's identd Alan Brown (Aug 16)
- AOL Buffer Overflow??? Robert Graham (Aug 16)
- Re: DOS against SuSE's identd Seth R Arnold (Aug 17)
- Re: DOS against SuSE's identd Danton Nunes (Aug 16)
- Mandrake 6.0 .Xauthority Elmer Joandi (Aug 15)
- IE5 ACL protected pages viewable from cache by unauthorized user J.Kent Robinson (Aug 15)
- Re: IE5 ACL protected pages viewable from cache by unauthorized user David Schwartz (Aug 16)
- Possible Windows 9x Shared Printers Security Hole Luis Martin-Santos (Aug 15)
- Re-release: Microsoft Security Bulletin (MS99-029) Aleph One (Aug 16)
- Re: Possible Windows 9x Shared Printers Security Hole x-empt [ lvhc / lou ] (Aug 16)