Date: Wed, 5 May 1999 16:59:39 +0600 (KGST) From: CyberPsychotic <fygrave@tigerteam.net> To: freebsd-security@freebsd.org Cc: "Michael C. Vergallen" <mvergall@mail.double-barrel.be> Subject: Re: FreeBSD 3.1 remote reboot exploit (fwd) Message-ID: <Pine.LNX.4.05.9905051653080.452-100000@gizmo.kyrnet.kg>
next in thread | raw e-mail | index | archive | help
~ I don't see how this can be a exploit if you have /etc/hosts.deny and ~ /etc/hosts.allow set up correctly and dont allow rcmd commands on your ~ system.. This is not the case here I believe. if this bug really takes place, I would think that it's on tcp or ip level, so the most you need here, is some port being listened to. ~ I tried to remotely reboot my ftp server here and no it does not ~ work hmm.. depends on how you did that. Assuming from the other reports people send to the list, I believe the problem appears on tcp/ip level _maybe_ with some specific kernel options turned on. I've played with a friend's of mine machine bombing it with various sorts of maliformed tcp/udp and just sick ip datagrams but wasn't able to reproduce this. If anyone expirienced the problem wouldn't mind to share their log files/network traffic dump, I would appreciate that. -- fygrave@tigerteam.net http://www.kalug.lug.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.05.9905051653080.452-100000>