[20917] in bugtraq


XFree86-xfs-4.0.1-1 DoS

daemon@ATHENA.MIT.EDU (=?iso-8859-2?q?Jaros=B3aw=20Zachwi)
Fri Jun 8 12:23:48 2001

Content-Type: text/plain;
  charset="iso-8859-2"
From: Jarosław Zachwieja <grok@mhd.pl>
To: bugtraq@securityfocus.com
Date: Wed, 6 Jun 2001 16:31:49 +0200
MIME-Version: 1.0
Message-Id: <01060616314900.14503@base.mhd.pl>
Content-Transfer-Encoding: 8bit

Hello,

xfs from the package XFree86-xfs-4.0.1-1 (i386.rpm), RedHat 7.0 seems to 
suffer from a Denial of Service attack.
To cause xfs to stop responding to requests, try to do the following:

$ telnet victim xfs </dev/urandom

Repeat about 100 (or 1000) times and you get a Connection refused message.

Regular Xservers can no longer connect, usually crash stating Could not open 
default font 'fixed' and probably get disabled for 5 minutes if run from 
inittab.

I'd appreciate any successful/unsuccessful attempts of reproducing this 
behaviour.

Regards,
--
Valentine M. Smith
