Vulnerability Development mailing list archives
Re: Local root through vulnerability in ping on linux.
From: Peter Batenburg <petertje () DEEJAYS NL>
Date: Mon, 21 Aug 2000 11:57:41 +0200
bash# ping -c 1 -s 65690 localhost WARNING: packet size 65690 is too large. Maximum is 65507 Segmentation fault bash# uname -a Linux pc1 2.2.14-5.0 #1 Tue Mar 7 20:53:41 EST 2000 i586 unknown bash# cat /etc/redhat-release Red Hat Linux release 6.2 (Zoot) bash# [root@s2 /root]# ping -c 1 -s 65690 localhost WARNING: packet size 65690 is too large. Maximum is 65507 Segmentation fault [root@s2 /root]# uname -a Linux s2 2.2.14 #3 Thu Jan 27 16:06:53 MET 2000 i686 unknown [root@s2 /root]# cat /etc/redhat-release Red Hat Linux release 6.2 (Zoot) [root@s2 /root]# At 21:45 20-8-00 +0200, you wrote:
Hello, The original post author just sent me the command line he says to get the seg fault: ping -c 1 -s 65690 localhost I have tested on slackware 7 both with root and non root and none get seg fault. On RedHat 6.1 as normal user no seg fault occurs... With root you get seg fault after warning about packet size too big. Looks like his ping command was trojaned or something ;) Best Regards, Pedro Hugo Samu wrote: > On Sat, Aug 19, 2000 at 08:39:35PM +0200, Ralf-Philipp Weinmann wrote: > > On Sat, 19 Aug 2000, Gerrie wrote: > > > > > Again some blackhats have a zeroday exploits in their hands. > > > > > > It's exploits a bug in the linux kernel by using ping, does someone have > > > more info? > > > > i tried your ping on a debian woody i386 and it doesn't work > again: there are two packages with ping for debian > one in iputils-ping ( which has ping for ipv6 ) > one in netkit-ping > > the ping in iputils-ping packages is more like "redhattish" ( broadcast ? > then ping -b .... ARGHHH ) and it gives to user the capability to set ICMP > packet size with -s . > with the other packages ( a normal ping ) you can't if you aren't root > to set your icmp packet size even it's suid root . > > ( and that to answer to ping flooding as user thread ) . > > none of the two "ping " give me DOS or kernel bug ( i tried on 2.2.16 and > 2.4.0-test4 ) . > > i can suggest you to rm you old ping and use this one from debian > > cee ya > > samuele > > -- > Samuele Tonon <samu () mclink it> > Undergraduate Student of Computer Science at University of Bologna, Italy > System administrator at Computer Science Lab's, University of Bologna, Italy > Founder & Member of A.A.H.T. > UIN 3155609 > Acid -- better living through chemistry. > Timothy Leary -- -------------------------------------------- Pedro Hugo Director of Unix Server Administration HighSpeedWeb Support Team fractalg () highspeedweb net ICQ # 38178251 http://www.highspeedweb.net Genesis II Networks LLC --------------------------------------------
Groetjes Petertje
Current thread:
- Local root through vulnerability in ping on linux. Gerrie (Aug 19)
- Re: Local root through vulnerability in ping on linux. Ralf-Philipp Weinmann (Aug 19)
- Re: Local root through vulnerability in ping on linux. Gerrie (Aug 20)
- Re: Local root through vulnerability in ping on linux. Tymm Twillman (Aug 20)
- Re: Local root through vulnerability in ping on linux. Ralf-Philipp Weinmann (Aug 20)
- Re: Local root through vulnerability in ping on linux. Samu (Aug 20)
- Re: Local root through vulnerability in ping on linux. Pedro Hugo (Aug 20)
- Re: Local root through vulnerability in ping on linux. Peter Batenburg (Aug 21)
- Re: Local root through vulnerability in ping on linux. PatrickM (Aug 21)
- Re: Local root through vulnerability in ping on linux. Martin MaD Douda (Aug 21)
- Re: Local root through vulnerability in ping on linux. Gerrie (Aug 20)
- Re: Local root through vulnerability in ping on linux. Ralf-Philipp Weinmann (Aug 19)
- <Possible follow-ups>
- Re: Local root through vulnerability in ping on linux. Goense, Jacob (Aug 20)
- Re: Local root through vulnerability in ping on linux. Joe User (Aug 21)
- Re: Local root through vulnerability in ping on linux. Rodrigo Barbosa (aka morcego) (Aug 21)
- Re: Local root through vulnerability in ping on linux. Murvai-Buzogany Laszlo (Aug 21)
- Re: Local root through vulnerability in ping on linux. Michal Zalewski (Aug 21)
- Re: Local root through vulnerability in ping on linux. Daniel Jacobowitz (Aug 21)
- Re: Local root through vulnerability in ping on linux. Bluefish (P.Magnusson) (Aug 22)
- Re: Local root through vulnerability in ping on linux. Joe User (Aug 21)