[3539] in bugtraq
Re: Urgent !! Serious Linux Security Bug....
daemon@ATHENA.MIT.EDU (Stefanita Valeriu Vilcu)
Tue Oct 22 11:47:50 1996
Date: Tue, 22 Oct 1996 09:18:25 +0200
Reply-To: Stefanita Valeriu Vilcu <vsv@logicnet.ro>
From: Stefanita Valeriu Vilcu <vsv@logicnet.ro>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <Pine.HPP.3.95.961021141553.1090B-100000@tide.one.se>
On Mon, 21 Oct 1996, Henrik P Johnson wrote:
> On Sun, 20 Oct 1996, Jason T. Luttgens wrote:
>
> > Today we saw an email from Linus Torvalds advising of a problem
> > with Linux and ping. Basically you can reboot a linux box remotely if
> > some scenario's are right. From what we can tell and this has all been
> > verified is: If anyone in the world with a Windows 95 machine can ping
> > your
> > Linux box they can potentially reboot that machine.. Hence a serious
> > denial of service OR loss of data.
>
> This also works on HPUX 10.1, when I tried it I got a system panic and the
> machine hang and didn't reboot.
It does not work on DG/UX 5.4. These machines are insensible at this kind
of packets and drop them (the NT 4.0 ping reports "Request timed out" at
big packets, but it works with lower size ones).
Best Regards,
Stefanita Vilcu
---
Network Administrator, Logic Telecom S.A., Romania
E-mail: vsv@logicnet.ro, phone: +40-1-3213635, fax: +40-1-3213730
