[25077] in bugtraq
Re: IRIX XFS filesystem denial of service attack
daemon@ATHENA.MIT.EDU (H D Moore)
Tue Apr 16 18:19:30 2002
Content-Type: text/plain;
charset="iso-8859-1"
From: H D Moore <sflist@digitaloffense.net>
To: agent99@sgi.com, linux-xfs@oss.sgi.com, bugtraq@securityfocus.com
Date: Mon, 15 Apr 2002 18:32:38 -0500
In-Reply-To: <10204151449.ZM268355@einstein.csd.sgi.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-Id: <200204151832.38497.sflist@digitaloffense.net>
Does this vulnerability affect the Linux XFS port? The XFS page has no
information about this or whether there is a fix available:
http://oss.sgi.com/projects/xfs/
-HD
On Monday 15 April 2002 04:49 pm, SGI Security Coordinator wrote:
>
> SGI Security Advisory
>
> Title: IRIX XFS filesystem denial of service attack
> Number: 20020402-01-P
> Date: April 15, 2002
> Reference: CAN-2002-0042
> -----------------------
> --- Issue Specifics ---
> -----------------------
>
> It has been reported that there is a vulnerability in IRIX's XFS
> filesystem. Under some circumstances, a user can create a file that would
> hang any application that would try to access it. This has the potential
> to be used to create a Denial of Service attack.
