Date: Mon, 03 May 1999 17:11:14 -0600 From: Brett Glass <brett@lariat.org> To: security@freebsd.org Subject: Claimed remote reboot exploit: Real or bogus? Message-ID: <4.2.0.37.19990503171021.04dd6630@localhost>
next in thread | raw e-mail | index | archive | help
Can anyone confirm or deny the existence of this exploit? >Return-Path: <owner-bugtraq@netspace.org> >Received: from brimstone.netspace.org (brimstone.netspace.org >[128.148.157.143]) > by lariat.lariat.org (8.9.3/8.9.3) with ESMTP id QAA05374 > for <brett@LARIAT.ORG>; Mon, 3 May 1999 16:34:55 -0600 (MDT) >Received: from netspace.org ([128.148.157.6]:25967 "EHLO netspace.org" >ident: "TIMEDOUT2") by brimstone.netspace.org with ESMTP id <44338-4047>; >Mon, 3 May 1999 18:31:54 -0400 >Received: from NETSPACE.ORG by NETSPACE.ORG (LISTSERV-TCP/IP release 1.8d) with > spool id 452434 for BUGTRAQ@NETSPACE.ORG; Mon, 3 May 1999 22:31:01 > +0000 >Approved-By: aleph1@UNDERGROUND.ORG >Received: from dilbert.exodus.net (dilbert.exodus.net [216.33.66.132]) by > netspace.org (8.8.7/8.8.7) with ESMTP id EAA31442 for > <bugtraq@netspace.org>; Sat, 1 May 1999 04:17:47 -0400 >Received: (from jamie@localhost) by dilbert.exodus.net (8.9.1/8.9.1) id > DAA24310 for bugtraq@netspace.org; Sat, 1 May 1999 03:18:40 -0500 > (CDT) >Mime-Version: 1.0 >Content-Type: text/plain; charset=us-ascii >X-Mailer: Mutt 0.95.1i >RFC_Violation: You saw it here first! >X-PGP-Fingerprint: <921C135D> C4 48 1B 26 18 7B 1F D9 BA C4 9C 7A B1 07 07 E8 >X-No-Archive: Yes >X-Contact-Analog: ph:312.425.7140 fx:312.425.7240 >X-Contact-Page: 888.740.9533 || 7409533@skytel.com >Message-ID: <19990501031840.A24252@dilbert.exodus.net> >Date: Sat, 1 May 1999 03:18:40 -0500 >Reply-To: jamie@exodus.net >Sender: Bugtraq List <BUGTRAQ@netspace.org> >From: Jamie Rishaw <jamie@exodus.net> >Subject: FreeBSD 3.1 remote reboot exploit >To: BUGTRAQ@netspace.org >X-UIDL: bb7cd1086853f3805dc34b1136a06c40 > >Hi, > > Sorry to be so vague, but I wanted to let everyone know, > > It's been demonstrated to me by two people who will not reveal "how" >that there is a remote bug exploit, almost certainly over IP, that will >cause FreeBSD-3.1 systems to reboot with no warnings. > > The second box this was demonstrated on today had no open services >besides ircd, and was remote rebooted. (The first box had open services >such as smtp, ssh, pop, http, but did /not/ run ircd, eliminating ircd >as the culprit). > > If anyone can shed some light on this (really bad) issue, it'd be >greatly appreciated, especially since I am(was) in the process of >upgrading all of my boxes to 3.1. (3.1-REL). > > Regards, > >-jamie >-- >jamie rishaw (efnet:gavroche) -- Exodus Communications, Inc. >>Sr. Network Engr, Chicago, SoCal Data Centers ><jimmie> In an interesting move Exodus Communications annouced today that > they have replaced all of their backbone engineers with furby's To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.0.37.19990503171021.04dd6630>