Date: Mon, 03 May 1999 18:40:30 -0700 From: Mike Smith <mike@smith.net.au> To: Seth <seth@freebie.dp.ny.frb.org> Cc: freebsd-stable@freebsd.org, security@freebsd.org, jamie@exodus.net Subject: Re: FreeBSD 3.1 remote reboot exploit (fwd) Message-ID: <199905040140.SAA01305@dingo.cdrom.com> In-Reply-To: Your message of "Mon, 03 May 1999 19:32:11 EDT." <Pine.BSF.4.10.9905031931170.54151-100000@freebie.dp.ny.frb.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I have to say that Jamie really let us down by not running a raw tcpdump alongside the second targetted machine here. Any chance of provoking these people into "demonstrating" the exploit on a machine, while another connected to the same wire is running tcpdump -s 2000 -w splot.raw and then sending us the 'splot.raw' file? > Just hit bugtraq, figured people might want to get in touch or start > digging. > > SB > > ---------- Forwarded message ---------- > Date: Sat, 01 May 1999 03:18:40 -0500 > From: Jamie Rishaw <jamie@EXODUS.NET> > To: BUGTRAQ@netspace.org > Subject: FreeBSD 3.1 remote reboot exploit > > Hi, > > Sorry to be so vague, but I wanted to let everyone know, > > It's been demonstrated to me by two people who will not reveal "how" > that there is a remote bug exploit, almost certainly over IP, that will > cause FreeBSD-3.1 systems to reboot with no warnings. > > The second box this was demonstrated on today had no open services > besides ircd, and was remote rebooted. (The first box had open services > such as smtp, ssh, pop, http, but did /not/ run ircd, eliminating ircd > as the culprit). > > If anyone can shed some light on this (really bad) issue, it'd be > greatly appreciated, especially since I am(was) in the process of > upgrading all of my boxes to 3.1. (3.1-REL). > > Regards, > > -jamie > -- > jamie rishaw (efnet:gavroche) -- Exodus Communications, Inc. > >Sr. Network Engr, Chicago, SoCal Data Centers > <jimmie> In an interesting move Exodus Communications annouced today that > they have replaced all of their backbone engineers with furby's > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199905040140.SAA01305>