Re: 3 Solaris reboot in 3 days

["J. Oquendo" <intrusion () ENGINEER COM>]

Actually something similar may have carried over on to Sol 2.7 and 8 as well which I meant to bring up before but never 
got around to untarring my logs.

After installing ipf under Sol (both versions) and nmap'ing my machine I got kernel panics over and over again in which 
the machine went down for rebooting on its own. Both in 32 and 64 bit modes.

Next time I turn on my machine at home I'll trace back the problem and post it.

------Original Message------
From: mixter () 2XS CO IL
To: INCIDENTS () SECURITYFOCUS COM
Sent: July 28, 2000 8:33:28 PM GMT
Subject: Re: 3 Solaris reboot in 3 days


There is a definitive remote DoS out for solaris 2.6 without this
patch and any lower solaris box. affected systems crash when a
nmap OS fingerprinting is done against a port of a service run
by inetd (if the port closes after/while being scanned).. an exploit that
can reproduce/test this is available at http://mixter.void.ru/soltera.c

On Fri, 28 Jul 2000, Xavier Mertens wrote:

> Hi *,
>
> Strange... We had 3 Solaris (2.6) box reboot in 3 days. All servers had
> the same problem:
>
> Jul 28 13:47:41 orion savecore: reboot after panic: recursive mutex_enter, lp=6147dcec owner=613cade0 thread=613cade0 
> type=0 tsid=0
>
> There exist a patch against this problem (105529-09) but 3 reboots in 3 days
> look strange! :(
>
> Heard anything about a new exploit?
>
> Regards,
> X
>
> --
> Xavier Mertens,         .  .   EuroNet Internet  "Contrary to popular belief,
> NOC Manager          .      *  a subsidiary of    Unix is userfriendly. It
> XM3-RIPE XM1-6BONE  .          France Telecom     just happens to be selective
>                                                   about who it makes friends
>                                                   with."

______________________________________________
FREE Personalized Email at Mail.com
Sign up at http://www.mail.com/?sr=signup