Re: 3 Solaris reboot in 3 days

[UnixGeek <ed () XWING CENTIGRAM COM>]

Last time I checked, the bug in question would kill inetd, but it would
not panic the whole box.

                            Edward Mitchell
        Centigram Unix Geek, BOfH, Network Admin, Darth Sysadmin
                         ed () xwing centigram com
                      http://www.the7thbeer.com/ed
                          Sheepish Lord of Chaos
--------------------------------------------------------------
"Fear leads to anger. Anger leads to hate. Hate leads to using
Windows NT for mission-critical applications."
     -- What Yoda *meant* to say

On Fri, 28 Jul 2000 mixter () 2XS CO IL wrote:

> There is a definitive remote DoS out for solaris 2.6 without this
> patch and any lower solaris box. affected systems crash when a
> nmap OS fingerprinting is done against a port of a service run
> by inetd (if the port closes after/while being scanned).. an exploit that
> can reproduce/test this is available at http://mixter.void.ru/soltera.c
>
> On Fri, 28 Jul 2000, Xavier Mertens wrote:
>
> > Hi *,
> >
> > Strange... We had 3 Solaris (2.6) box reboot in 3 days. All servers had
> > the same problem:
> >
> > Jul 28 13:47:41 orion savecore: reboot after panic: recursive mutex_enter, lp=6147dcec owner=613cade0 
> > thread=613cade0 type=0 tsid=0
> >
> > There exist a patch against this problem (105529-09) but 3 reboots in 3 days
> > look strange! :(
> >
> > Heard anything about a new exploit?
> >
> > Regards,
> > X
> >
> > --
> > Xavier Mertens,         .  .   EuroNet Internet  "Contrary to popular belief,
> > NOC Manager          .      *  a subsidiary of    Unix is userfriendly. It
> > XM3-RIPE XM1-6BONE  .          France Telecom     just happens to be selective
> >                                                   about who it makes friends
> >                                                   with."