From owner-freebsd-security Tue Mar 13 8:44:31 2001 Delivered-To: freebsd-security@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 8A35C37B718 for ; Tue, 13 Mar 2001 08:44:27 -0800 (PST) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id LAA73764; Tue, 13 Mar 2001 11:44:24 -0500 (EST) (envelope-from wollman) Date: Tue, 13 Mar 2001 11:44:24 -0500 (EST) From: Garrett Wollman Message-Id: <200103131644.LAA73764@khavrinen.lcs.mit.edu> To: security@freebsd.org Subject: rwhod In-Reply-To: <200103122347.f2CNlxT28110@freefall.freebsd.org> References: <200103122347.f2CNlxT28110@freefall.freebsd.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 < said: > Remote users can cause the rwhod daemon to crash, denying service to > clients. It's worth noting that most people who run `rwhod' use it only for ``tourist information'' anyway and do not actually depend on the information it provides. I run it on my servers so that the nightly reports will include the summary of uptimes and load averages, but if one daemon goes AWOL I'll not be particularly concerned. If, on the other hand, this bug is actually exploitable, that would be much more serious (and would warrant a reissue of the advisory). - -GAWollman -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE6rk5lI+eG6b7tlG4RAm4xAJ9sm/QFEbRIjppfMI776herCdCN4ACfZ0NK 7ec//L3imXWdyEoI4dcCgJ4= =MStX -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message