[13625] in North American Network Operators' Group


Re: Potentially dangerous Pentium bug disc

daemon@ATHENA.MIT.EDU (Greg A. Woods)
Wed Nov 12 13:58:45 1997

Date: Wed, 12 Nov 1997 13:48:21 -0500 (EST)
From: woods@most.weird.com (Greg A. Woods)
To: nanog@merit.edu
In-Reply-To: Randy Bush's message
	of "Wed, November 12, 1997 10:15 PST"
	regarding "Re: Potentially dangerous Pentium bug disc"
	id <m0xVhJz-0007zYC@rip.psg.com>
Reply-To: woods@weird.com (Greg A. Woods)

[ On Wed, November 12, 1997 at 10:15 (PST), Randy Bush wrote: ]
> Subject: Re: Potentially dangerous Pentium bug disc
>
> gated does not have that illegal instruction sequence in it.  compilers
> don't generate it.  httpd does not have the sequence.

No, httpd certainly should not contain the illegal instruction within
itself, but being the complex critter it is, we find that it commonly
executes other programs on behalf of the remote user.  You might want to
peek at:  CERT Advisory CA-97.25 - CGI_metachar.

There's no clear exploit implied that involves the CPU hang bug (unlike
the corresponding browser bug that's already been discussed), but it
clearly identifies some very real risks that could lead to such exploits.

-- 
							Greg A. Woods

+1 416 443-1734      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
