From owner-freebsd-security  Mon Aug 16 18:21:11 1999
Delivered-To: freebsd-security@freebsd.org
Received: from apollo.backplane.com (apollo.backplane.com [209.157.86.2])
	by hub.freebsd.org (Postfix) with ESMTP id 2096C1546F
	for <freebsd-security@FreeBSD.ORG>; Mon, 16 Aug 1999 18:21:09 -0700 (PDT)
	(envelope-from dillon@apollo.backplane.com)
Received: (from dillon@localhost)
	by apollo.backplane.com (8.9.3/8.9.1) id SAA12524;
	Mon, 16 Aug 1999 18:19:46 -0700 (PDT)
	(envelope-from dillon)
Date: Mon, 16 Aug 1999 18:19:46 -0700 (PDT)
From: Matthew Dillon <dillon@apollo.backplane.com>
Message-Id: <199908170119.SAA12524@apollo.backplane.com>
To: Mike Tancsa <mike@sentex.net>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Any work around for this FreeBSD bug/DoS  ?
References:  <4.1.19990816203409.05989960@granite.sentex.ca>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


:Is there any work around or coming fix for the 'testsockbuf.c' originally
:reported by Marc Olzheim <marcolz@ilse.nl> on Aug 9th ?  Its only a matter
:of time until some wannabe script kiddie uploads it to one of my servers
:for his/her cgi-script. It crashes 2.2.x and 3.x servers reliably :-( I
:sent a message to the security officer last week but havent heard anything
:since then.
:
:	---Mike

    Try adjusting the kern.ipc.maxsockbuf sysctl.

						-Matt
    


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message