Date: Tue, 22 Oct 1996 13:15:53 +0200 From: Lutz Albers <lutz@muc.de> To: Steve Reid <steve@edmweb.com> Cc: security@freebsd.org Subject: Re: [bugtraq] Serious Linux Security Bug Message-ID: <v03007802ae925cb8a72c@[192.168.42.51]> In-Reply-To: <Pine.BSF.3.91.961021134926.189B-100000@bitbucket.edmweb.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Steve Reid wrote on 21.10.1996 [bugtraq] Serious Linux Security Bug >There is no mention of the attack working against *BSD machines except for >one person running FreeBSD 2.1.5 who reported that his Intel EtherExpress >card stopped working for a couple of minutes. > >The attack is simple. From a Win95 box, >ping -l 65510 buggyhost >and it can crash or reboot some OSs. Very nasty. > >Has anyone checked the FreeBSD kernel to make sure that we're not >vulnerable? Just tried it from one 2.1.5R machine to another (source using a 3COM509 (ep0), target using a SMC Elite 16C (ed0)) with no problems. It did take some time for the source machine preparing the ICMP request (machine crawls with all caches disabled :-( lutz --------------------------------------------------------------------- Lutz Albers | What's good ? Luederitzstr. 14, 81929-Muenchen, Germany | Life's good - <mailto:lutz@muc.de> ph: +49-89-93940363 | But not fair at all <http://www.muc.de/~lutz>; fax:+49-89-93940365 | (Lou Reed) Do not take life too seriously, you will never get out of it alive.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v03007802ae925cb8a72c>