Re: Urgent !! Serious Linux Security Bug....

zwobadaapogee-com.fr

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Henrik P Johnson: "Suspicion about denial of service attacks possible on IP."
• Previous message: Alan Cox: "Re: [linux-security] ncpmount/ncpumount"
• Maybe in reply to: Jake the Prince: "Urgent !! Serious Linux Security Bug...."
• Next in thread: Jochen Friedrich: "Re: Urgent !! Serious Linux Security Bug...."

Henrik P Johnson wrote:
>
> On Sun, 20 Oct 1996, Jason T. Luttgens wrote:
>
> >         Today we saw an email from Linus Torvalds advising of a problem
> > with Linux and ping.  Basically you can reboot a linux box remotely if
> > some scenario's are right.  From what we can tell and this has all been
> > verified is: If anyone in the world with a Windows 95 machine can ping
> > your
> > Linux box they can potentially reboot that machine.. Hence a serious
> > denial of service OR loss of data.
>

BSDish Unices (BSD/OS v2.1, SunOS 4.1.x) and Solaris 2.5 don't reply. NT
just responds.

> This also works on HPUX 10.1, when I tried it I got a system panic and the
> machine hang and didn't reboot.

Another good bug of the week for the Scriptors of Doom :o)

--
_____ Jean-Francois Zwobada (mailto:zwobadaapogee-com.fr) _______

Apogee Communications              Tel    : +33 (1) 69 85 56 47
                                   Fax    : +33 (1) 69 85 56 48

This guy is powered by a Z81 - Best Viewed using plain text
_________________________________________________________________

• Next message: Henrik P Johnson: "Suspicion about denial of service attacks possible on IP."
• Previous message: Alan Cox: "Re: [linux-security] ncpmount/ncpumount"
• Maybe in reply to: Jake the Prince: "Urgent !! Serious Linux Security Bug...."
• Next in thread: Jochen Friedrich: "Re: Urgent !! Serious Linux Security Bug...."