OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: 3 Solaris reboot in 3 days
From: mixter2XS.CO.IL
Date: Fri Jul 28 2000 - 15:33:28 CDT

There is a definitive remote DoS out for solaris 2.6 without this
patch and any lower solaris box. affected systems crash when a
nmap OS fingerprinting is done against a port of a service run
by inetd (if the port closes after/while being scanned).. an exploit that
can reproduce/test this is available at http://mixter.void.ru/soltera.c

On Fri, 28 Jul 2000, Xavier Mertens wrote:

> Hi *,
>
> Strange... We had 3 Solaris (2.6) box reboot in 3 days. All servers had
> the same problem:
>
> Jul 28 13:47:41 orion savecore: reboot after panic: recursive mutex_enter, lp=6147dcec owner=613cade0 thread=613cade0 type=0 tsid=0
>
> There exist a patch against this problem (105529-09) but 3 reboots in 3 days
> look strange! :(
>
> Heard anything about a new exploit?
>
> Regards,
> X
>
> --
> Xavier Mertens, . . EuroNet Internet "Contrary to popular belief,
> NOC Manager . * a subsidiary of Unix is userfriendly. It
> XM3-RIPE XM1-6BONE . France Telecom just happens to be selective
> about who it makes friends
> with."
>