Date: Mon, 21 Oct 1996 18:43:08 -0400 (EDT) From: Troy Arie Cobb <troy@circle.net> To: security@FreeBSD.org Subject: Re: [bugtraq] Serious Linux Security Bug Message-ID: <Pine.BSF.3.91.961021184116.18242B-100000@demeter.circle.net> In-Reply-To: <Pine.NEB.3.95.961021155902.164A-100000@glacier.cold.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 21 Oct 1996, Brandon Gillespie wrote: > Date: Mon, 21 Oct 1996 16:00:20 -0600 (MDT) > From: Brandon Gillespie <brandon@glacier.cold.org> > To: Steve Reid <steve@edmweb.com> > Cc: security@FreeBSD.org > Subject: Re: [bugtraq] Serious Linux Security Bug > > On Mon, 21 Oct 1996, Steve Reid wrote: > > This has been discussed on the Bugtraq list for a few days now, but I > > haven't seen any talk of it here. > > > > There is no mention of the attack working against *BSD machines except for > > one person running FreeBSD 2.1.5 who reported that his Intel EtherExpress > > card stopped working for a couple of minutes. > > > > The attack is simple. From a Win95 box, > > ping -l 65510 buggyhost > > and it can crash or reboot some OSs. Very nasty. > > > > Has anyone checked the FreeBSD kernel to make sure that we're not > > vulnerable? > > I just tried this (from w95) against a FreeBSD 2.1.5 box and a 2.1.0 box, > both had no problems. Of course, I'm not sure if the ping ran correctly, > it returned: > > Request timed out. > > Instead. It does work without the '-l 65510' args. Ditto. But watching on the FBsd box when it happened I noticed that most of the network MBUFS filled up, caused the machine to stutter for a brief seccond and then flushed it. I'd guess that it triggers a fringe condition in the somewhat poor networking code in Linux. Ugly. Glad to be on FreeBSD, - troy Troy Arie Cobb troy@circle.net ------------------------------------------------------ | Circle Net, Inc. | global internet access | | http://www.circle.net | for western north carolina | | info@circle.net | and beyond... | | 704-254-9500 | | ------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.961021184116.18242B-100000>