From owner-freebsd-security@FreeBSD.ORG Wed Sep 7 22:27:23 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 92DFD16A41F for ; Wed, 7 Sep 2005 22:27:23 +0000 (GMT) (envelope-from talonz@gmail.com) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0FE5C43D45 for ; Wed, 7 Sep 2005 22:27:22 +0000 (GMT) (envelope-from talonz@gmail.com) Received: by wproxy.gmail.com with SMTP id 36so1488110wra for ; Wed, 07 Sep 2005 15:27:20 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:user-agent:x-accept-language:mime-version:to:subject:content-type:content-transfer-encoding; b=MwFhRjbtSsirB49FYPO/Romx7xZgVUPjsPgSII+/lIvNV8OTyX+KI+GVCN0+ywEKmx1debrjSgti3yNmr0X9RAuXE/LROMAsKT0gJ3a0GCxBa8QVkLfz7Lsr5cHEoNHUaR0TQkH4Yk8lifSHyHJiV8EWOMdp8HtreYQtP21xWGA= Received: by 10.54.57.46 with SMTP id f46mr183967wra; Wed, 07 Sep 2005 15:27:20 -0700 (PDT) Received: from ?144.139.93.215? ( [144.139.93.215]) by mx.gmail.com with ESMTP id 15sm11246039wrl.2005.09.07.15.27.18; Wed, 07 Sep 2005 15:27:20 -0700 (PDT) Message-ID: <431F6941.20006@gmail.com> Date: Thu, 08 Sep 2005 08:27:13 +1000 From: talonz User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20041016 X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-security@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: ee using 99% cpu after user ssh session terminates abnormaly X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Sep 2005 22:27:23 -0000 Recently i have been using a dialup 56k account to access the net and have noticed that when my ssh session times out and I am editing a file in ` ee ' the system goes to 99% cpu usage and stays like this till the pid is killed. This is a standard user account (not root/su) Would a user be able to create a denial of service condition on the remote system using this bug? (sorry if this is posted to the incorrect list) Details: System - FreeBSD 5.4-RELEASE-p5 ee using 99% cpu after user session terminates abnormaly PID reported by top. The output from ps looks like this [root@blah][~]$ ps aux| grep 70464 someuser 70464 93.5 0.1 1920 1372 p1- R 7:09PM 687:07.27 ee file Regards Jason M