From owner-freebsd-security  Fri May  7 22:35:15 1999
Delivered-To: freebsd-security@freebsd.org
Received: from obie.softweyr.com (unknown [204.68.178.33])
	by hub.freebsd.org (Postfix) with ESMTP id 95E4D153EF
	for <security@FreeBSD.ORG>; Fri,  7 May 1999 22:35:11 -0700 (PDT)
	(envelope-from wes@softweyr.com)
Received: from softweyr.com (homer.softweyr.com [204.68.178.39])
	by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id XAA14390;
	Fri, 7 May 1999 23:34:59 -0600 (MDT)
	(envelope-from wes@softweyr.com)
Message-ID: <3733CD02.4A9BE15@softweyr.com>
Date: Fri, 07 May 1999 23:34:58 -0600
From: Wes Peters <wes@softweyr.com>
Organization: Softweyr LLC
X-Mailer: Mozilla 4.5 [en] (X11; U; FreeBSD 3.1-RELEASE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Don Lewis <Don.Lewis@tsc.tdk.com>
Cc: Kevin Day <toasty@HOME.DRAGONDATA.COM>, security@FreeBSD.ORG
Subject: Re: KKIS.05051999.003b
References: <199905080021.RAA16889@salsa.gv.tsc.tdk.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Don Lewis wrote:
> 
> On May 6,  2:10pm, Kevin Day wrote:
> }
> } Here's my testing so far:
> }
> } 2.2.2 - Vulnerable
> } 2.2.6 - Vulnerable
> } 2.2.8 - Vulnerable
> } 3.1-RELEASE - Ran 15 minutes, no crash.

Let it keep running.  It will (apparently) eventually exhaust all 
available file handles in an unrecoverable manner.  3.1-R is better, 
but not invulnerable.


-- 
       "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                 Softweyr LLC
http://www.softweyr.com/~softweyr                      wes@softweyr.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message