Date: Tue, 13 Mar 2001 13:52:06 -0800 From: Kris Kennaway <kris@obsecurity.org> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: security@FreeBSD.ORG Subject: Re: rwhod Message-ID: <20010313135205.A17955@mollari.cthul.hu> In-Reply-To: <200103131644.LAA73764@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Tue, Mar 13, 2001 at 11:44:24AM -0500 References: <200103122347.f2CNlxT28110@freefall.freebsd.org> <200103131644.LAA73764@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--3MwIy2ne0vdjdPXF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Mar 13, 2001 at 11:44:24AM -0500, Garrett Wollman wrote: > <<On Mon, 12 Mar 2001 15:47:59 -0800 (PST), FreeBSD Security Advisories <= security-advisories@FreeBSD.ORG> said: >=20 > > Remote users can cause the rwhod daemon to crash, denying service to > > clients. >=20 > It's worth noting that most people who run `rwhod' use it only for > ``tourist information'' anyway and do not actually depend on the > information it provides. I run it on my servers so that the nightly > reports will include the summary of uptimes and load averages, but if > one daemon goes AWOL I'll not be particularly concerned. >=20 > If, on the other hand, this bug is actually exploitable, that would be > much more serious (and would warrant a reissue of the advisory). Yeah, it's pretty tame..but still worth reporting (instances where daemons can be remotely induced to crash are a class of bug we report in advisories, reliability is a component of security, etc :-) Kris --3MwIy2ne0vdjdPXF Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6rpaFWry0BWjoQKURAhHYAKDNT5fwy+mGZASyFWcg6bRpppOYCQCbBpzj oc4Yoanmtbf2MU7x9WFVbso= =hrQ5 -----END PGP SIGNATURE----- --3MwIy2ne0vdjdPXF-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010313135205.A17955>