[3554] in bugtraq
Re: Urgent !! Serious Linux Security Bug....
daemon@ATHENA.MIT.EDU (Ron DuFresne)
Tue Oct 22 20:42:49 1996
Date: Tue, 22 Oct 1996 17:27:30 -0500
Reply-To: Ron DuFresne <dufresne@parka.winternet.com>
From: Ron DuFresne <dufresne@parka.winternet.com>
X-To: Jean-Francois Zwobada <zwobada@apogee-com.fr>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <326BAF0D.54A5@apogee-com.fr>
I've gotta start questioning the testing process folks are using since
there are so many conflicting results being reported in which OS' and
kernel levels are vulnerable, or am I reading these too fast and the
conflicts only in my mind here?
Later,
Ron DuFresne
On Mon, 21 Oct 1996, Jean-Francois Zwobada wrote:
> Henrik P Johnson wrote:
> >
> > On Sun, 20 Oct 1996, Jason T. Luttgens wrote:
> >
> > > Today we saw an email from Linus Torvalds advising of a problem
> > > with Linux and ping. Basically you can reboot a linux box remotely if
> > > some scenario's are right. From what we can tell and this has all been
> > > verified is: If anyone in the world with a Windows 95 machine can ping
> > > your
> > > Linux box they can potentially reboot that machine.. Hence a serious
> > > denial of service OR loss of data.
> >
>
> BSDish Unices (BSD/OS v2.1, SunOS 4.1.x) and Solaris 2.5 don't reply. NT
> just responds.
>
> > This also works on HPUX 10.1, when I tried it I got a system panic and the
> > machine hang and didn't reboot.
>
> Another good bug of the week for the Scriptors of Doom :o)
>
> --
> _____ Jean-Francois Zwobada (mailto:zwobada@apogee-com.fr) _______
>
> Apogee Communications Tel : +33 (1) 69 85 56 47
> Fax : +33 (1) 69 85 56 48
>
> This guy is powered by a Z81 - Best Viewed using plain text
> _________________________________________________________________
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
