From owner-freebsd-security  Wed Apr 14  9:36: 3 1999
Delivered-To: freebsd-security@freebsd.org
Received: from wrath.cs.utah.edu (wrath.cs.utah.edu [155.99.198.100])
	by hub.freebsd.org (Postfix) with ESMTP id 820A6152C9
	for <freebsd-security@FreeBSD.ORG>; Wed, 14 Apr 1999 09:35:57 -0700 (PDT)
	(envelope-from danderse@cs.utah.edu)
Received: from lal.cs.utah.edu (lal.cs.utah.edu [155.99.195.65])
	by wrath.cs.utah.edu (8.8.8/8.8.8) with ESMTP id KAA02272;
	Wed, 14 Apr 1999 10:33:36 -0600 (MDT)
From: David G Andersen <danderse@cs.utah.edu>
Received: (from danderse@localhost)
	by lal.cs.utah.edu (8.8.8/8.8.8) id KAA17779;
	Wed, 14 Apr 1999 10:33:35 -0600 (MDT)
Message-Id: <199904141633.KAA17779@lal.cs.utah.edu>
Subject: Re: Sendmail up to 8.9.2 vulnerability
To: andyo@prime.net.ua (Andy V. Oleynik)
Date: Wed, 14 Apr 1999 10:33:34 -0600 (MDT)
Cc: freebsd-security@FreeBSD.ORG
In-Reply-To: <3714B71B.5420EB1F@prime.net.ua> from "Andy V. Oleynik" at Apr 14, 99 06:41:17 pm
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Lo and behold, Andy V. Oleynik once said:
> 
> Hi, everybody,
> recently I've read about subj (src: http://www.rootshell.com/beta),
> got a  simple  c-program to test my sendmail.
> I'm running  a test now, but what I would ask:
> bugdiscoverer writes following in his msg:
> "
>  If you noticed increased LA during attack,
>                               your machine is vulnerable.
> "
> What does he mean under "LA"?
> And may be some of U has appropriate patch for subj?

    Load average.  It's a denial of service attack;  the exploit you
downloaded is designed to be somewhat nice, and simply slow the machine
down by a small amount.  It's not all that exciting.  Still, there's no
harm in upgrading. :-)

   -Dave

-- 
work: danderse@cs.utah.edu                     me:  angio@pobox.com
      University of Utah                            http://www.angio.net/
      Computer Science - Flux Research Group   "What's footnote FIVE?"


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message