From owner-freebsd-security Sun Feb 25 13:28: 0 2001 Delivered-To: freebsd-security@freebsd.org Received: from rly-ip02.mx.aol.com (rly-ip02.mx.aol.com [152.163.225.160]) by hub.freebsd.org (Postfix) with ESMTP id BB02437B401 for ; Sun, 25 Feb 2001 13:27:54 -0800 (PST) (envelope-from js43064n@pace.edu) Received: from tot-to.proxy.aol.com (tot-to.proxy.aol.com [152.163.204.1]) by rly-ip02.mx.aol.com (8.8.8/8.8.8/AOL-5.0.0) with ESMTP id QAA09268 for ; Sun, 25 Feb 2001 16:27:33 -0500 (EST) Received: from winme (AC990566.ipt.aol.com [172.153.5.102]) by tot-to.proxy.aol.com (8.10.0/8.10.0) with SMTP id f1PLRVa14553 for ; Sun, 25 Feb 2001 16:27:32 -0500 (EST) Message-ID: <002901c09f72$66ebee40$660599ac@winme> From: "Jonathan Slivko" To: Subject: Possible Security Vulnerability Date: Sun, 25 Feb 2001 16:32:04 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 X-Apparently-From: JMS19NYC@aol.com Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello all, I have been testing the security on my machine (FreeBSD 4.2-STABLE) and I noticed a bug that could potentially reboot a box from any type of user, root or regular user. What I did was I just gave the box a whole bunch of w commands like w;w;w;w;w, etc. and just let that run. A few seconds later, the box coredumped and rebooted. I got this to occur several times in a row. Is this some kind of known vulnerability or is this just something that will have to be investigated further? If interested in more details, please feel free to e-mail me. Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message