Date: Mon, 4 Nov 2002 09:52:10 +0200 (EET) From: Juha Ylitalo <juha.o.ylitalo@nokia.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/44868: sysutils/cfengine2: cfservd dies fails if getaddrinfo if DNS lookup fails. Message-ID: <200211040752.gA47qAsp051538@namu.ntc.nokia.com>
next in thread | raw e-mail | index | archive | help
>Number: 44868 >Category: ports >Synopsis: sysutils/cfengine2: cfservd dies fails if getaddrinfo if DNS lookup fails. >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Nov 04 00:00:15 PST 2002 >Closed-Date: >Last-Modified: >Originator: Juha Ylitalo >Release: FreeBSD 4.6.1-RELEASE-p1 i386 >Organization: >Environment: System: FreeBSD kandu.hel.nic.noklab.net 4.6-RELEASE-p1 FreeBSD 4.6-RELEASE-p1 #0: Mon Jul 8 12:00:57 EEST 2002 root@kandu.hel.nic.noklab.net:/usr/obj/usr/src/sys/DBRACKPOMI i386 Port: sysutils/cfengine2-2.0.3 >Description: Nov 4 09:30:01 kandu kandu.hel.nic.noklab.net[68142]: Unable to lookup arieli.hel.nic.noklab.net Nov 4 09:30:01 kandu kandu.hel.nic.noklab.net[68142]: getaddrinfo: Undefined error: 0 Nov 4 09:30:01 kandu /kernel: pid 68142 (cfservd), uid 0: exited on signal 11 (core dumped) Appearantly if host, which DNS name can't be verified, tries to connect cfservd, it will kill cfservd instance. With this kind of failure, its far too easy to do DoS against my cfservd, which is responsible for all other boxes configuration. >How-To-Repeat: Log pretty much says it all... >Fix: >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200211040752.gA47qAsp051538>