Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_4

Bugtraq archives for 4th quarter (Oct-Dec) 1998: Re: Possible DoS in rsh

Re: Possible DoS in rsh

Nick Andrew (nickZETA.ORG.AU)
Fri, 9 Oct 1998 10:08:46 +1000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Kevin Lindsay: "Secure Locate v1.0"
Previous message: Max Vision: "more Netscape 4.07 javascript security"
In reply to: Shivan Dragon: "Possible DoS in rsh"
Next in thread: Henrik Nordstrom: "Re: Possible DoS in rsh"

In message <199810061943.PAA28852bajor.ici.net>, Shivan Dragon writes:
>I don't know if this has been posted before so here it is. If you link your
>.rhosts file (or hosts.equiv?) to /dev/zero. When you try to rsh it tried to
>read /dev/zero that is of infinate length.

Programs (esp. daemons) which run as root should refuse to read control
files which are symlinks (and home directories should not be on the same
partition as /dev!).

A similar DoS may be possible by symlinking .forward, .qmail, .plan etc.

Nick.

Next message: Kevin Lindsay: "Secure Locate v1.0"
Previous message: Max Vision: "more Netscape 4.07 javascript security"
In reply to: Shivan Dragon: "Possible DoS in rsh"
Next in thread: Henrik Nordstrom: "Re: Possible DoS in rsh"