From owner-freebsd-current Tue Feb 25 17:15:21 2003 Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 78B9D37B401 for ; Tue, 25 Feb 2003 17:15:19 -0800 (PST) Received: from storming.org (MG034063.user.veloxzone.com.br [200.165.34.63]) by mx1.FreeBSD.org (Postfix) with SMTP id D485D43F85 for ; Tue, 25 Feb 2003 17:15:17 -0800 (PST) (envelope-from fred@storming.org) Received: (qmail 13812 invoked by uid 1000); 25 Feb 2003 22:15:15 -0300 Date: Tue, 25 Feb 2003 22:15:15 -0300 From: Fred Souza To: current@freebsd.org Subject: rpcbind DoS when running with -l Message-ID: <20030226011515.GA13719@torment.storming.org> Reply-To: fred@storming.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="8t9RHnE3ZwKMSgU+" Content-Disposition: inline X-Sender: fred@storming.org Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --8t9RHnE3ZwKMSgU+ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, I've just run into a new bug. I was running rpcbind with the -l flag, and when I started Opera and it tried connecting to 127.0.0.1:111 to begin the DNS resolution phase, rpcbind started fork()'ing and eating up all resources. After a few minutes, I could get this from `ps`: root ~ # ps ax PID TT STAT TIME COMMAND 0 ?? ZW 0:00.00 (rpcbind) 0 ?? ZW 0:00.00 (rpcbind) 0 ?? ZW 0:00.00 (rpcbind) 0 ?? ZW 0:00.00 (rpcbind) 0 ?? ZW 0:00.00 (rpcbind) [snip] 11259 ?? S 0:00.03 rpcbind: logit (rpcbind) 11260 ?? S 0:00.03 rpcbind: logit (rpcbind) 11262 ?? S 0:00.03 rpcbind: logit (rpcbind) 11263 ?? S 0:00.02 rpcbind: logit (rpcbind) 11264 ?? S 0:00.02 rpcbind: logit (rpcbind) [snip] and the box wouldn't respond until I finally got X killed and thus Opera too. Fred --=20 "The purpose of Physics 7A is to make the engineers realize that they're not perfect, and to make the rest of the people realize that they're not engineers." --8t9RHnE3ZwKMSgU+ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE+XBUjZNmEsrl+ROERAuCxAJ90PpdXnwGEaKluWB00q0fqDPsXcQCeKl/U o3TEkPfh1aL+BU8rGejLLX0= =2vKQ -----END PGP SIGNATURE----- --8t9RHnE3ZwKMSgU+-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message