[8133] in bugtraq
Possible DoS in rsh
daemon@ATHENA.MIT.EDU (Shivan Dragon)
Thu Oct 8 14:05:18 1998
Date: Tue, 6 Oct 1998 15:43:01 -0400
Reply-To: shivan@ICI.NET
From: Shivan Dragon <shivan@ICI.NET>
To: BUGTRAQ@NETSPACE.ORG
I don't know if this has been posted before so here it is. If you link your
.rhosts file (or hosts.equiv?) to /dev/zero. When you try to rsh it tried to
read /dev/zero that is of infinate length. I've tried to rsh in and I get
timed out after 60 seconds. Well lets change the situation around a bit. While
this file linked to /dev/zero , I tried to check mail via IMAP (e.g. pine). Well
all my processes zombied out and for each process the mail servers load climbed
a couple points. I didn't try to spawn any more IMAP processes (after 3), but
I'm pretty sure if I did the server's load could have been through the roof.
