[3535] in bugtraq
Re: Urgent !! Serious Linux Security Bug....
daemon@ATHENA.MIT.EDU (Jean-Francois Zwobada)
Tue Oct 22 04:23:12 1996
Date: Mon, 21 Oct 1996 19:12:45 +0200
Reply-To: zwobada@apogee-com.fr
From: Jean-Francois Zwobada <zwobada@apogee-com.fr>
X-To: Henrik P Johnson <hpj@one.se>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
Henrik P Johnson wrote:
>
> On Sun, 20 Oct 1996, Jason T. Luttgens wrote:
>
> > Today we saw an email from Linus Torvalds advising of a problem
> > with Linux and ping. Basically you can reboot a linux box remotely if
> > some scenario's are right. From what we can tell and this has all been
> > verified is: If anyone in the world with a Windows 95 machine can ping
> > your
> > Linux box they can potentially reboot that machine.. Hence a serious
> > denial of service OR loss of data.
>
BSDish Unices (BSD/OS v2.1, SunOS 4.1.x) and Solaris 2.5 don't reply. NT
just responds.
> This also works on HPUX 10.1, when I tried it I got a system panic and the
> machine hang and didn't reboot.
Another good bug of the week for the Scriptors of Doom :o)
--
_____ Jean-Francois Zwobada (mailto:zwobada@apogee-com.fr) _______
Apogee Communications Tel : +33 (1) 69 85 56 47
Fax : +33 (1) 69 85 56 48
This guy is powered by a Z81 - Best Viewed using plain text
_________________________________________________________________
