Bugtraq mailing list archives
Re: NetBSD 1.4.1 local DoS
From: nike () NIKE SOFTJOYS RU (Nikolay N. Igotti)
Date: Mon, 6 Sep 1999 08:47:42 +0400
This does not `freeze' the system per se. What it does is tie up all the network resources, and make it impossible to any network I/O (even through Un*x-domain sockets). Linux is not generally vulnerable to the exploit as posted, because it seems to only accept 64512 bytes from the write(2)s, and limit the file descriptor table to 256 entries (at least by default), thus making the program chew up less memory. However, a trivial variant (attached below) causes memory exhaustion on the Linux system I tested. Interestingly, this did not cause the Linux system to crash, but it does cause a bunch of processes to be killed -- gpm, klogd,
I've posted message titled "linux memory DOS" about 5 days ago to linux-kernel list. This situation is reproducible even without any IO/fork operations, only with memory operations. There are some suggested patches, at least to fix memory problem. Look linux-kernel mailing list archive for more info.
update, crond, and finally the test program itself. So there is still a denial of service, especially if the program is modified to continually fork as well (also attached below, although it could be done a bit better).
Current thread:
- Re: NetBSD 1.4.1 local DoS Charles M. Hannum (Sep 01)
- Re: NetBSD 1.4.1 local DoS Alan Brown (Sep 04)
- Re: NetBSD 1.4.1 local DoS Nikolay N. Igotti (Sep 05)