[20218] in bugtraq
Re: Reliant Unix 5.43 / 5.44 ICMP port unreachable problem
daemon@ATHENA.MIT.EDU (Pablo Ruiz Garcia)
Mon Apr 16 03:44:27 2001
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-ID: <20010414165558.A18283@diablo.ip6seguridad.com>
Date: Sat, 14 Apr 2001 16:55:58 +0200
Reply-To: Pablo Ruiz Garcia <pruiz@IP6SEGURIDAD.COM>
From: Pablo Ruiz Garcia <pruiz@IP6SEGURIDAD.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.10.10104061708430.1047-100000@sole.infis.univ.trieste.it>; from lcars@INFIS.UNIV.TRIESTE.IT
on Fri, Apr 06, 2001 at 05:28:03PM +0200
On Fri, Apr 06, 2001 at 17:28:03 +0200, Andrea Barisani wrote:
> Hi to all,
>
> I don't know if anyone might be interested in this (Reliant Unix is a sort
> of archaeological OS) but sending an icmp port unreachable error to a RU
> cause an immediate drop of all the connections in progress between the
> server and the icmp-sender host, of course spoofing the icmp address
> originator cause the drop of connections between an arbitrary host.
>
> Bye
Talking on Reliant/Sinix:
ln -s /etc/passwd /tmp/ppd.trace
/opt/bin/ppd -T
cat /etc/passwd
[..]
OOps.. (try to backup your /etc/passwd before you try this)
I have benn thinking on /tmp/ppd.log, but i can't make anything similar
with it.
Also, if you specify any kind of parameter other than -T ppd will try
to call this number, but do not dump to /tmp/ppd.trace so you cant
use the tmp race.
i know this some months ago and it's notified to siemens, but i got no response
Att. Pablo
No more to say...
P.D: If anyone wanna know exactly on which sinix/reliant systems does it work,
askme plz.
--
Pablo Ruiz Garcia (Pci)
Consultor de Seguridad
IP6 Seguridad (Tiger Team)
pruiz@ip6seguridad.com
>
