From owner-freebsd-security Tue Mar 20 10:10:15 2001 Delivered-To: freebsd-security@freebsd.org Received: from ns.yogotech.com (ns.yogotech.com [206.127.123.66]) by hub.freebsd.org (Postfix) with ESMTP id 5C37837B73F for ; Tue, 20 Mar 2001 10:10:09 -0800 (PST) (envelope-from nate@yogotech.com) Received: from nomad.yogotech.com (yogotech.nokia.com [4.22.66.156]) by ns.yogotech.com (8.9.3/8.9.3) with ESMTP id LAA07382; Tue, 20 Mar 2001 11:07:56 -0700 (MST) (envelope-from nate@nomad.yogotech.com) Received: (from nate@localhost) by nomad.yogotech.com (8.8.8/8.8.8) id LAA06683; Tue, 20 Mar 2001 11:07:44 -0700 (MST) (envelope-from nate) From: Nate Williams MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15031.40047.731987.194238@nomad.yogotech.com> Date: Tue, 20 Mar 2001 11:07:43 -0700 (MST) To: Brett Glass Cc: Kris Kennaway , security@FreeBSD.ORG Subject: Re: Odd event -- possible security hole or DoS? In-Reply-To: <4.3.2.7.2.20010320001710.00d88950@localhost> References: <4.3.2.7.2.20010319172800.00cf9c60@localhost> <4.3.2.7.2.20010320001710.00d88950@localhost> X-Mailer: VM 6.75 under 21.1 (patch 12) "Channel Islands" XEmacs Lucid Reply-To: nate@yogotech.com (Nate Williams) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > >I can't even begin to remember all of the TCP, kernel and application > >bugs fixed in the 2 1/2 years since 2.2.8. There are probably a > >number of ways someone could have caused something like this. > > I guess what I'm concerned about is that I don't know if it's > an intentional DoS and/or if it's present in current versions. There were at least 3 remote vulnerabilities in 2.2.8 TCP/IP stack, and 2-3 vulnerabilities in the shipped software. Fixes to the stack were merged into the code-base a long time back, although the shipped software (BIND and SENDMAIL were two of the them) require you back-porting the software to the box. (Trivial to do). Inetd may have had problems as well, but I believe they were DOS types, related to local users and not remote users. Nate To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message