Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: DOS on inetd w/ nmap

From: lamont () SECURITY HP COM (LaMont Jones)
Date: Tue, 25 Apr 2000 09:34:58 -0600


The problem is that inetd will abort when too many connections are made.
This is an old problem that appears to still be a problem even on some newer
OSes, specifically IRIX (*all* 6.2-6.5, others?), some HP-UX (B.10.20, but
only on some machines... dunno why), and of course old SunOS 4.1.3/4.1.4
machines (only some!).  You must then log on at the console (unless you had
a remote window open to the machine prior to inetd exiting) and either
restard inetd or reboot the machine.


I believe that if you go back about 2 or 3 years, most, if not all, of the
vendors issued inetd patches to correct this vulnerability: I know that the
ones you mentioned did.

If I remember the bugtraq postings of the time, the problem came from
internal services not expecting the socket to go away before they got
around to servicing the request.  Therefore, one workaround is to disable
__ALL__ of the internal services in inetd.conf.  The better workaround
is to install the security patch that the vendor released 2 or 3 years
ago.

I expect that your "only some" situations above are either differences
in patches, or else luck of timing windows.

lamont
Just speaking for myself, of course.
Previous By Date Next
Previous By Thread Next

Current thread: