From owner-freebsd-hackers  Mon Oct 21 05:08:03 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id FAA09340
          for hackers-outgoing; Mon, 21 Oct 1996 05:08:03 -0700 (PDT)
Received: from www.hsc.wvu.edu (www.hsc.wvu.edu [157.182.105.122])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id FAA09307
          for <hackers@freebsd.org>; Mon, 21 Oct 1996 05:08:00 -0700 (PDT)
Received: (from jsigmon@localhost) by www.hsc.wvu.edu (8.7.5/8.7.3) id IAA05794; Mon, 21 Oct 1996 08:08:56 -0400 (EDT)
Date: Mon, 21 Oct 1996 08:08:56 -0400 (EDT)
From: Jeremy Sigmon <jsigmon@www.hsc.wvu.edu>
To: hackers@freebsd.org
Subject: Re: BoS: Urgent !! Serious Linux Security Bug.... (fwd)
Message-ID: <Pine.BSF.3.91.961021080818.5779B-100000@www.hsc.wvu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Date: Sun, 20 Oct 1996 21:14:42 -0400
From: Eli Burke <eburke@cslab.vt.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
Subject: Re: BoS: Urgent !! Serious Linux Security Bug....

> cy>> >        Today we saw an email from Linus Torvalds advising of a problem
> cy>> >with Linux and ping.  Basically you can reboot a linux box remotely if
> cy>> >some scenario's are right.  From what we can tell and this has all been
> cy>> >verified is: If anyone in the world with a Windows 95 machine can ping
> cy>> >your Linux box they can potentially reboot that machine..
> cy>>
> cy>> Yes, but this attack another machines, AIX for example.
> cy>I just tested this against FreeBSD 2.1.5.  The machine under attack,
> cy>a 486SX/25, got was for a while but recovered quite nicely.
>
> My Friend tested in this machines:
> >       1) Reboot: OSF/1 3.2C, Solaris2.4 x86
> >       2) Ignored: *BSD, SunOS4.1.x, IOS, AIX3.2.5, VMS e Solaris 2.4
> >          Sparc, Irix.
> >       3) Respond: M$ e OS/2
> >       4) Crash: Linux, AIX4, OSF  <= 3.2C and AIX3.2.5 on Token-ring.

        I tested this under OSF/1 3.2 and had no problems. Same for DUnix 4.0,
Ultrix 4.4, Windows NT 4.0 (server and workstation), and FreeBSD 2.1.5.
FreeBSD was the only one that showed any symptoms; the network card stopped
responding for about two minutes, but I could belive that to be the fault of
the lousy intel etherexpress driver.



--
Eli Burke
eburke@vt.edu
http://csugrad.cs.vt.edu/~eburke/