Date: Sun, 20 Dec 1998 18:14:48 +0500 (KGT) From: CyberPsychotic <mlists@gizmo.kyrnet.kg> To: Rico Pajarola <pajarola@cybertime.ch> Cc: security@FreeBSD.ORG Subject: Re: nmap crashes inetd/portmap on 2.2.6 Message-ID: <Pine.LNX.4.05.9812201812340.10479-100000@gizmo.kyrnet.kg> In-Reply-To: <3.0.32.19981219170558.0080a8c0@www.dlc.cybertime.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 19 Dec 1998, Rico Pajarola wrote: ~ portscanning with nmap results in inetd crashing/hanging on FBSD 2.2.6 ~ which makes an excellent DoS attack. Portmap is also affected, inetd hangs ~ initializing rpc/udp services when you HUP it, making it somewhat more ~ complicated to recover, as you'll have to restart all rpc services (in the ~ correct order). It is not always reproducible (sometimes you need to try ~ several times with different flags to nmap). I couldn't crash inetd on ~ FBSD-Current (may 28 1998) so I guess it has been fixed. Are there any ~ known issues I missed? other os are vulnerable as well (still testing). ~ well, the similar(?) bug was found in linux inetd. The problem was with the way accept() call was implemented in kernel. I suspect nearly the same thing may appear here. For details related to linux glitch, see: http://oliver.efri.hr/~crv/security/bugs/Linux/inetd.html ~F. -- fygrave@tigerteam.net http://www.kalug.lug.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.05.9812201812340.10479-100000>