Date: Mon, 21 Oct 1996 07:07:17 -0700 From: Amancio Hasty <hasty@rah.star-gate.com> To: Jeremy Sigmon <jsigmon@www.hsc.wvu.edu> Cc: hackers@freebsd.org Subject: Re: BoS: Urgent !! Serious Linux Security Bug.... (fwd) Message-ID: <199610211407.HAA01221@rah.star-gate.com> In-Reply-To: Your message of "Mon, 21 Oct 1996 08:08:56 EDT." <Pine.BSF.3.91.961021080818.5779B-100000@www.hsc.wvu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
>From The Desk Of Jeremy Sigmon : > > Date: Sun, 20 Oct 1996 21:14:42 -0400 > From: Eli Burke <eburke@cslab.vt.edu> > To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG> > Subject: Re: BoS: Urgent !! Serious Linux Security Bug.... > > > cy>> > Today we saw an email from Linus Torvalds advising of a probl em > > cy>> >with Linux and ping. Basically you can reboot a linux box remotely i f > > cy>> >some scenario's are right. From what we can tell and this has all be en > > cy>> >verified is: If anyone in the world with a Windows 95 machine can pin g > > cy>> >your Linux box they can potentially reboot that machine.. > > cy>> > > cy>> Yes, but this attack another machines, AIX for example. > > cy>I just tested this against FreeBSD 2.1.5. The machine under attack, > > cy>a 486SX/25, got was for a while but recovered quite nicely. > > > > My Friend tested in this machines: > > > 1) Reboot: OSF/1 3.2C, Solaris2.4 x86 > > > 2) Ignored: *BSD, SunOS4.1.x, IOS, AIX3.2.5, VMS e Solaris 2.4 > > > Sparc, Irix. > > > 3) Respond: M$ e OS/2 > > > 4) Crash: Linux, AIX4, OSF <= 3.2C and AIX3.2.5 on Token-ring. > > I tested this under OSF/1 3.2 and had no problems. Same for DUnix 4.0 , > Ultrix 4.4, Windows NT 4.0 (server and workstation), and FreeBSD 2.1.5. > FreeBSD was the only one that showed any symptoms; the network card stopped > responding for about two minutes, but I could belive that to be the fault of > the lousy intel etherexpress driver. > Is this is a joke? And yes I have had Win95 boxes ping my FreeBSD boxes. Amancio
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610211407.HAA01221>