From owner-freebsd-security Wed Jun 14 21:46:15 2000 Delivered-To: freebsd-security@freebsd.org Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39]) by hub.freebsd.org (Postfix) with SMTP id BA92437BD59 for ; Wed, 14 Jun 2000 21:46:08 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 35212 invoked by uid 1000); 15 Jun 2000 04:45:59 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 15 Jun 2000 04:45:59 -0000 Date: Wed, 14 Jun 2000 23:45:59 -0500 (CDT) From: Mike Silbersack To: freebsd-security@freebsd.org Subject: Re: Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability - Mac OS X affected In-Reply-To: <20000614174706.F78775@closed-networks.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 14 Jun 2000, User Datagram Protocol wrote: > Eww. What a lame DoS attack. > > On Wed, Aug 02, 2000 at 08:41:53AM -0300, Ussr Labs wrote: > > an unpriviledged user can panic the kernel. Quick and dirty testing > > > ... > > Big deal. So what do we do about it? Implement per-process mbuf usage limits? > Eww. Good news. Jonathan Lemon committed the mbuf wait MFC to the 3 branch a few days ago, so we can now simply tell people to cvsup if they're worried about someone trying a mbuf exhaustion on them. (Granted, the handling of such an attack isn't perfect for all cases, but the panic is gone.) Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message