Bugtraq mailing list archives
Re: stream.c - new FreeBSD exploit?
From: billf () CHC-CHIMES COM (Bill Fumerola)
Date: Thu, 20 Jan 2000 16:16:20 -0500
On Tue, Jan 18, 2000 at 02:44:38PM -0800, The Tree of Life wrote:
When I talked to another person to ask if he had 'acquired' the source, he said he wasn't going to give it out. I asked him if he had a patch for it, and he replied "the fbsd team is working on it. No patch is available right now." What's the importance of this? Major companies such as Yahoo (www.yahoo.com) and others run freebsd.
Major companies have firewalls too, but from what it sounds like, this attack may crash/freeze/reboot/whatever them as well.
According to the irc admin, a simple reboot fixes it. "Your box reboots or dies." He also stated, when asked if anything noticeable happened, that "nothing unusual [happened]". The only log that he could provide was this one: ---snip--- syslog:Jan 18 12:30:36 x kernel: Kernel panic: Free list empty ---snip---
[hawk-billf] /sys > find . |xargs grep -ie 'free list empty' [hawk-billf] /sys > uname -mrs FreeBSD 4.0-CURRENT i386
One thing of note: he also stated this happened on non-freebsd systems, which is contrary to what the other person said, who was "under the impression it was freebsd specific."
The above is a Linux panic, so it obviously works on non-FreeBSD machines. It's a pity to attach FreeBSD to this exploit, as it obviously isn't specific to just the FreeBSD stack. I wish the FUD would just go away sometimes. -- Bill Fumerola - Network Architect Computer Horizons Corp - CVM e-mail: billf () chc-chimes com / billf () FreeBSD org Office: 800-252-2421 x128 / Cell: 248-761-7272 ps. I'm not speaking for CHC or for FreeBSD...
Current thread:
- stream.c - new FreeBSD exploit? The Tree of Life (Jan 18)
- Re: stream.c - new FreeBSD exploit? Bill Fumerola (Jan 20)
- Re: stream.c - new FreeBSD exploit? Adam Lynch (Jan 21)
- Re: stream.c - new FreeBSD exploit? Darren Reed (Jan 21)
- Re: stream.c - new FreeBSD exploit? Frank (sysadmin) (Jan 22)
- <Possible follow-ups>
- Re: stream.c - new FreeBSD exploit? Haight, Kristofer (Jan 21)
- Re: stream.c - new FreeBSD exploit? Guy Cohen (Jan 23)
- Re: stream.c - new FreeBSD exploit? Bill Fumerola (Jan 20)