[11253] in bugtraq
Followup: Remotely Lock up Gauntlet 5.0
daemon@ATHENA.MIT.EDU (Mike Frantzen)
Thu Aug 5 01:01:33 1999
Content-Type: text
Message-Id: <199908041928.OAA23231@expert.cc.purdue.edu>
Date: Wed, 4 Aug 1999 14:28:30 -0500
Reply-To: Mike Frantzen <frantzen@EXPERT.CC.PURDUE.EDU>
From: Mike Frantzen <frantzen@EXPERT.CC.PURDUE.EDU>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <199907301603.LAA17178@expert.cc.purdue.edu> from "Mike Frantzen"
at Jul 30, 99 11:03:07 am
> * Description:
> * If you know an IP that will be routed through a Gauntlet 5.0 Firewall,
> * you can remotely lock up the firewall (tested against Solaris 2.6 and
> * BSDI). It locks up to the point that one packet will disable STOP-A
> * (L1-A) on Sparcs and ~3-5 packets will disable Ctrl-Alt-Del on BSDI
> * (Ctrl-Alt-Del still prompts Y/N but it never reboots).
Network Associates just released a patch for the problem. It can be found
at ftp://ftp.tis.com/gauntlet/patches/5.0
Two and a half weeks for a kernel patch.... Not too shabby.
enjoy,
.mike
---
Every one we don't catch would be a "yet another major ms security hole",
and the theory tells us we can't catch all of them. So, we're just not
going to start down that path.
--paulle@microsoft.com 08/06/98 Bugtraq
