[3515] in bugtraq
Re: BoS: Urgent !! Serious Linux Security Bug....
daemon@ATHENA.MIT.EDU (Nelson Murilo)
Sun Oct 20 21:13:09 1996
Date: Sun, 20 Oct 1996 16:00:01 -0200
Reply-To: Nelson Murilo <nelson@pangeia.com.br>
From: Nelson Murilo <nelson@pangeia.com.br>
X-To: cschuber@uumail.gov.bc.ca
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <199610201731.KAA03783@cwsys.cwent.com>
On Sun, 20 Oct 1996, Cy Schubert wrote:
cy>> This message is in MIME format. The first part should be readable text,
cy>> while the remaining parts are likely unreadable without MIME-aware tools.
cy>> Send mail to mime@docserver.cac.washington.edu for more info.
cy>>
cy>> --------------BFF22A370E3
cy>> Content-Type: TEXT/PLAIN; CHARSET=us-ascii
cy>> Content-ID: <Pine.LNX.3.95.961019202546.8165T@spliff.pangeia.com.br>
cy>>
cy>> On Sat, 19 Oct 1996, Jake the Prince wrote:
cy>>
cy>> >Hi,
cy>> >
cy>> > Today we saw an email from Linus Torvalds advising of a problem
cy>> >with Linux and ping. Basically you can reboot a linux box remotely if
cy>> >some scenario's are right. From what we can tell and this has all been
cy>> >verified is: If anyone in the world with a Windows 95 machine can ping
cy>> >your
cy>> >Linux box they can potentially reboot that machine.. Hence a serious
cy>> >denial of service OR loss of data.
cy>>
cy>> Yes, but this attack another machines, AIX for example.
cy>
cy>I just tested this against FreeBSD 2.1.5. The machine under attack,
cy>a 486SX/25, got was for a while but recovered quite nicely.
cy>
cy>When I get into work tomorrow I'll check it out against some other
cy>platforms.
My Friend tested in this machines:
> 1) Reboot: OSF/1 3.2C, Solaris2.4 x86
> 2) Ignored: *BSD, SunOS4.1.x, IOS, AIX3.2.5, VMS e Solaris 2.4
Sparc, Irix.
> 3) Respond: M$ e OS/2
> 4) Crash: Linux, AIX4, OSF <= 3.2C and AIX3.2.5 on Token-ring.
cy>
cy>>
cy>
cy>
cy>Regards, Phone: (604)389-3827
cy>Cy Schubert OV/VM: BCSC02(CSCHUBER)
cy>Open Systems Support BITNET: CSCHUBER@BCSC02.BITNET
cy>ITSD Internet: cschuber@uumail.gov.bc.ca
cy> cschuber@bcsc02.gov.bc.ca
cy>
cy> "Quit spooling around, JES do it."
cy>
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
N e l s o n M u r i l o
Pangeia Informatica - Provedor de solucoes Internet.
http://www.pangeia.com.br
http://www.bluesky.net/pangeia
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
