[7824] in bugtraq
Re: Security Hole in Axent ESM
daemon@ATHENA.MIT.EDU (Michael Shields)
Mon Aug 31 16:54:14 1998
Mail-Copies-To: never
Date: Mon, 31 Aug 1998 18:24:30 +0000
Reply-To: Michael Shields <shields@CROSSLINK.NET>
From: Michael Shields <shields@CROSSLINK.NET>
X-To: Andy Church <achurch@DRAGONFIRE.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: Andy Church's message of "Sun, 30 Aug 1998 01:01:12 EDT"
In article <199808300501.BAA08612@Bahamut.dragonfire.net>,
Andy Church <achurch@DRAGONFIRE.NET> wrote:
> In other words, if you can't manually set the clock back, get the
> system to do it for you. And if the system doesn't allow the clock to
> "turn over", then all sorts of things will go bonkers when the clock hits
> its maximum (cron jobs, for one), turning this into a DoS of sorts. So I
> don't see this as a particularly effective measure. One way I could see to
> make this more effective would be to use 64-bit times and disallow both
> setting the clock back and changing the top 2 bits to anything other than
> zero. This would break the rollover attack without causing any premature
> Y2k-like problems (2^62 seconds ~= 10^13 years).
This is still a DOS of sorts, as you can set the clock to 2^62-1, and
then it will be impossible to return the clock to the correct time
without rebooting. Many things will probably be unhappy to find
themselves 10^13 years in the future.
--
Shields, CrossLink.
