From owner-freebsd-security Wed Jul 22 00:53:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA02160 for freebsd-security-outgoing; Wed, 22 Jul 1998 00:53:09 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from implode.root.com (implode.root.com [198.145.90.17]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA02138 for ; Wed, 22 Jul 1998 00:52:56 -0700 (PDT) (envelope-from root@implode.root.com) Received: from implode.root.com (localhost [127.0.0.1]) by implode.root.com (8.8.5/8.8.5) with ESMTP id AAA27286; Wed, 22 Jul 1998 00:51:19 -0700 (PDT) Message-Id: <199807220751.AAA27286@implode.root.com> To: Brett Glass cc: Jim Shankland , ahd@kew.com, leec@adam.adonai.net, security@FreeBSD.ORG Subject: Re: hacked and don't know why In-reply-to: Your message of "Wed, 22 Jul 1998 00:13:29 MDT." <199807220613.AAA26581@lariat.lariat.org> From: David Greenman Reply-To: dg@root.com Date: Wed, 22 Jul 1998 00:51:19 -0700 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >The symptoms aren't hard to understand. As I found out when we >were hit by the same hack, buffer overflow exploits also >hose memory.... The disk cache, kernel data, possibly even page tables >can be corrupted. Nothing's safe. If you do anything to your file >system before rebooting, you can wind up with corrupted directories >and worse. This happened to us. Um, sorry, but that is not true. Buffer overflows only affect the process; they do not affect the kernel. If you had corrupted directories or other filesystem problems, then you either have hardware problems or you experianced a very bizzare and unknown bug. -DG David Greenman Co-founder/Principal Architect, The FreeBSD Project To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message