|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: enrico
wizards-of-source.orgDate: Tue Apr 23 2002 - 16:11:54 CDT
Hi,
mosix and probalby open-Mosix are vulnerable to an Denial of Service
attack, the problem lies in the mosix-protocol-stack, mosix are not able
to handle garbage-packets correctly.
MosiX is an cluster-environment for Linux and is avail from www.mosix.org
also vulnerable is to this is the clumpOS-Mosix client cd, the
clumpOS-Mosix Node has also no vnc password set so anyone in the
cluster-network can gain root-access to the affected node. this issue will
be fixed in the next clumpOS Version.
this has been succefully tested on mosix 1.5.7 and latest clumpOS with
dfsa and mfs enabled.
fix:
disable mfs in kernel-configuration
www.h07.org
German Unix/Linux Developer Team
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]