Re: stream.c - new FreeBSD exploit?
Subject: Re: stream.c - new FreeBSD exploit?
From: Bill Fumerola (billf CHC-CHIMES.COM)
Date: Thu Jan 20 2000 - 15:16:20 CST
On Tue, Jan 18, 2000 at 02:44:38PM -0800, The Tree of Life wrote:
> When I talked to another person to ask if he had 'acquired' the source, he
> said he wasn't going to give it out. I asked him if he had a patch for it,
> and he replied "the fbsd team is working on it. No patch is available right
> now."
>
> What's the importance of this? Major companies such as Yahoo
> (www.yahoo.com) and others run freebsd.
Major companies have firewalls too, but from what it sounds like, this
attack may crash/freeze/reboot/whatever them as well.
> According to the irc admin, a simple reboot fixes it. "Your box reboots or
> dies." He also stated, when asked if anything noticeable happened, that
> "nothing unusual [happened]".
>
> The only log that he could provide was this one:
>
> ---snip---
> syslog:Jan 18 12:30:36 x kernel: Kernel panic: Free list empty
> ---snip---
[hawk-billf] /sys > find . |xargs grep -ie 'free list empty'
[hawk-billf] /sys > uname -mrs
FreeBSD 4.0-CURRENT i386
> One thing of note: he also stated this happened on non-freebsd systems,
> which is contrary to what the other person said, who was "under the
> impression it was freebsd specific."
The above is a Linux panic, so it obviously works on non-FreeBSD machines.
It's a pity to attach FreeBSD to this exploit, as it obviously isn't specific
to just the FreeBSD stack. I wish the FUD would just go away sometimes.
-- Bill Fumerola - Network Architect Computer Horizons Corp - CVM e-mail: billfchc-chimes.com / billf FreeBSD.org
Office: 800-252-2421 x128 / Cell: 248-761-7272
ps. I'm not speaking for CHC or for FreeBSD...
This archive was generated by hypermail 2b27 : Fri Jan 21 2000 - 13:33:46 CST