[11806] in bugtraq

Re: Local DoS on network by unprivileged user using setsockopt()

daemon@ATHENA.MIT.EDU (John N Dvorak)
Fri Sep 10 02:00:56 1999

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.BSI.4.05.9909081403540.18169-100000@hq.capu.net>
Date:         Wed, 8 Sep 1999 14:09:26 -0400
Reply-To: John N Dvorak <dvorak@CAPU.NET>
From: John N Dvorak <dvorak@CAPU.NET>
X-To:         BUGTRAQ@SECURITYFOCUS.COM, Dylan Griffiths <root@thock.com>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <37D67E7E.3BA046E7@thock.com>

On Wed, 8 Sep 1999, Dylan Griffiths wrote:

>John N Dvorak wrote:
>> Sven,
>>
>> I have verified the following platforms:
>>
>> BSDI 2.1
>> BSDI 3.1
>> BSDI 4.0
>> BSDI 4.0.1
>> Cobalt Linux (MIPS) - RedHat based
>>
>> All vulnerable.
>>
>> I am testing on other Linux platforms, but I presume all BSD and
>> Linux-based systems are affected.  I have no resources to test this on
>> Solaris, AIX, HP and System-V based systems.
>
>Linux x86 does not appear affected, or at least my Slackware distribution
>simply choked off the program before it did any damage when run as both
>normal and super user.  This might have something to do with login limits,
>but super user ran it with no ill effects.  Kernel 2.2.9
>Is Cobalt Linux using an older kernel?

Cobalt Linux is definitely using an older kernel.  As far as I know, it is
a 2.0.x release for the RaQ2 product.  I'll see what kind of details I can
get from Cobalt.

Using the exploit on a Cobalt RaQ2, most system processes lock, though the
machine still responds to pings.  The management panel does not respond
and the machine must be cold booted.

Has anyone verified whether other non-BSD OSes are vulnerable?
Specifically, Linux 2.0.x (or any pre-2.2.9) releases?

Regards,

John Dvorak

===========================================
John N Dvorak | dvorak@capu.net
Director of Technology
CapuNet, LLC - Corporate Internet Solutions
(301) 881-4900 x8018
===========================================
