Bugtraq mailing list archives
Re: Local DoS on network by unpriviledged user using setsockopt()
From: Dylan_G () BIGFOOT COM (Dylan Griffiths)
Date: Wed, 8 Sep 1999 20:49:17 -0600
Has anyone verified whether other non-BSD OSes are vulnerable? Specifically, Linux 2.0.x (or any pre-2.2.9) releases?
I just spent some time testing the exploit against Linux 2.2.6, and 2.2.9 w/ Andrea's Buffer-C patch. The machine had 128 MB of RAM, 128 MB of swap, and a K6-2 266 MHz CPU (the other machine I couldn't DoS had a 200 MHz Pentium w/ MMX and login resource restrictions). The results are mixed. When I first tested with 2.2.6, I did get a DoS. The DoS went away when I updated the System.map file to be accurate. After some experimentation, it seems that it's more of a hit-and-miss situation (I could DoS with valid/invalid System.map files). Sometimes it would DoS (looping about 290 to 300 times, pausing a second, then looping 20 more times, and then causing out-of-memory situations), and sometimes it wouldn't loop enough (and the kernel would reclaim the resources).

This seems to be a well-hidden race in the Linux kernel, and both 2.2.6 and 2.2.9 (with the patch) were affected. The system I tested it on did not have login resource limits enforced, so I'm assuming a good login resource policy would stop the DoS on at least the 2.2.x series (and possibly the 2.0.x series). I've no idea if this will affect the 2.3.x series.