Bugtraq mailing list archives
Re: Local DoS in FreeBSD
From: geniusj () FREE-BSD ORG (FreeBSD -- The Power to Serve)
Date: Tue, 7 Sep 1999 15:25:57 -0600
Actually, there is currently a patch from Brian Feldman that is being tested and will be added shortly to the -CURRENT tree for further testing.. it adds a new login.conf action to limit sbsize.. to give you an idea.. the sbsize in the mbuf crash is 2 mb.. which is huge.. you can limit to however many bytes you want.. if you limited to say.. 640000.. there's no way anyone could crash it with mbufs. Of course, if you are running a public access system, you should ALWAYS have login.conf set up, if not for mbufs, to protect the maxproc and openfiles limits as that can be bad on the system too.. Once this login.conf addition is made this should all be over ;)

On Thu, 2 Sep 1999, Jeff Wheat wrote:

On 01-Sep-99 Darren Reed wrote:

This was first posted to the FreeBSD security list on the 9th of August, subsequently discussed on freebsd-stable and freebsd-hackers... no one seems to care, even though it is able to lock up 2.2.6, 2.2.8, and 3.2.x machines consistently. I have also been told that it affects NetBSD and OpenBSD, though I haven't confirmed it. Someone with the know-how care to fix?

Fixing this has been discussed internally, I imagine, by many of the affected OS's. The problem is a resource starvation issue - in this case mbuf's. Arguably, it shouldn't "lock up", just freeze up anything that does networking. I imagine you could lock up more than just the *BSD's with this program.

Darren

In all the tests that I have conducted on my FreeBSD systems, both Intel and Alpha based, versions 2.2.2 through 4.0-19990809-CURRENT result in the machines rebooting after running this DoS. The only work-around for this is supposedly setting resource limits in the /etc/login.conf file or to prevent public access to the machines.

Regards,
Jeff
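An added example, not part of the original thread or of FreeBSD's own code: a Python check that parses login.conf text and lists the login classes that leave sbsize, maxproc or openfiles unset or unlimited, following tc= inheritance. The sample file and all function names are constructed for illustration; the check ignores the -cur/-max suffixed forms and treats an unset limit as unbounded.

```python
import re

REQUIRED = ("sbsize", "maxproc", "openfiles")  # limits named in the thread
UNBOUNDED = {"unlimited", "unlimit", "infinity", "inf"}

# Constructed sample in login.conf(5) syntax, not taken from a real host.
SAMPLE = r"""
default:\
    :maxproc=unlimited:openfiles=unlimited:
shell-users:\
    :sbsize=640000:\
    :maxproc=64:\
    :openfiles=128:\
    :tc=default:
staff:\
    :maxproc=128:\
    :tc=default:
"""

def parse_login_conf(text):
    """Return {class: {capability: value}} from login.conf text."""
    text = re.sub(r"\\\n\s*", "", text)  # join backslash-continued lines
    classes = {}
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("#"):
            continue
        names, *caps = [f.strip() for f in line.split(":")]
        entry = {}
        for cap in filter(None, caps):
            key, _, value = cap.partition("=")
            entry.setdefault(key, value)  # first occurrence wins
        for name in names.split("|"):
            classes[name] = entry
    return classes

def resolve(classes, name, seen=()):
    """Merge tc= parents into a class; local values override inherited ones."""
    entry = dict(classes.get(name, {}))
    parent = entry.pop("tc", None)
    if parent and parent not in seen + (name,):
        entry = {**resolve(classes, parent, seen + (name,)), **entry}
    return entry

def unbounded_limits(classes):
    """Map each class to the required limits it leaves unset or unlimited."""
    def gaps(name):
        caps = resolve(classes, name)
        return [k for k in REQUIRED if caps.get(k, "unlimited") in UNBOUNDED]
    return {n: gaps(n) for n in classes if gaps(n)}
```

On the constructed sample, `unbounded_limits(parse_login_conf(SAMPLE))` flags `default` and `staff` but not `shell-users`, which sets all three limits itself.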