[4806] in bugtraq
Re: Solaris Ping bug (DoS)
daemon@ATHENA.MIT.EDU (Jes Sorensen)
Thu Jun 26 14:25:12 1997
Date: Thu, 26 Jun 1997 13:37:17 +0200
Reply-To: Jes Sorensen <Jes.Sorensen@CERN.CH>
From: Jes Sorensen <Jes.Sorensen@CERN.CH>
X-To: Adam Caldwell <adam@ATL.ENI.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Adam Caldwell's message of Thu, 26 Jun 1997 00:08:29 -0400
>>>>> "Adam" == Adam Caldwell <adam@ATL.ENI.NET> writes:
Adam> I briefly searched the bugtraq archives and didn't see this one,
Adam> so here's a way to reboot a Solaris box, and is exploitable by
Adam> anyone with an account on the system since ping is setuid root.
Adam> ping -sv -i 127.0.0.1 224.0.0.1
Adam> On solaris 2.5, causes the machine to reboot (personal
Adam> experience). I've had independent reports of it crashing 2.5.1,
Adam> and 2.5 (x86). It probably works on all versions of Solaris.
For what its worth, this bug is also present in 2.6-beta2, haven't
tested the release version of 2.6 yet.
Jes
