From owner-freebsd-security  Thu Jan 20 12:36: 2 2000
Delivered-To: freebsd-security@freebsd.org
Received: from sivka.rdy.com (sivka.rdy.com [207.33.166.86])
	by hub.freebsd.org (Postfix) with ESMTP
	id 63BB314DA0; Thu, 20 Jan 2000 12:35:58 -0800 (PST)
	(envelope-from dima@rdy.com)
Received: (from dima@localhost)
	by sivka.rdy.com (8.9.3/8.9.3) id MAA54949;
	Thu, 20 Jan 2000 12:35:18 -0800 (PST)
	(envelope-from dima)
Message-Id: <200001202035.MAA54949@sivka.rdy.com>
Subject: Re: bugtraq posts:  stream.c - new FreeBSD exploit?
In-Reply-To: <3.0.5.32.20000120152818.01d7fa40@staff.sentex.ca> from Mike Tancsa
 at "Jan 20, 2000 03:28:18 pm"
To: Mike Tancsa <mike@sentex.net>
Date: Thu, 20 Jan 2000 12:35:18 -0800 (PST)
Cc: freebsd-security@freebsd.org, freebsd-stable@freebsd.org,
	security-officer@freebsd.org
Organization: HackerDome
Reply-To: dima@rdy.com
From: dima@rdy.com (Dima Ruban)
X-Mailer: ELM [version 2.4ME+ PL61 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Mike Tancsa writes:
> 
> Can anyone confirm the bugtraq posting ?  Are the freebsd folks working on
> a fix ? If so, what versions are effected ?

I personaly haven't seen the code in question, but I've heard that
this problem is not FreeBSD specific (Linux,Solaris,OpenBSD,etc etc etc
are all affected). And due to the nature of the problem it won't be easy to
fix it.

> 	---Mike
> 
> >The only log that he could provide was this one:
> >
> >---snip---
> >
> >syslog:Jan 18 12:30:36 x kernel: Kernel panic: Free list empty
> >
> >---snip---
> >
> >One thing of note:  he also stated this happened on non-freebsd systems,
> >which is contrary to what the other person said, who was "under the
> >impression it was freebsd specific."
> >
> >I have the source, which I'm not going to post for 2-3 days (give time for
> >fbsd to work on the fix).  If it isn't out before the 21st, I'll post it up.
> 
> 
> ------------------------------------------------------------------------
> Mike Tancsa,                          	          tel +1 519 651 3400
> Network Administrator,     			  mike@sentex.net
> Sentex Communications                 		  www.sentex.net
> Cambridge, Ontario Canada
> 

-- dima


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message