Message-ID: <0b4b01c09f77$3c65c100$0101a8c0@development.local>
From: "John Howie"
To:
Cc: "FreeBSD Stable"
References: <002901c09f72$66ebee40$660599ac@winme> <20010225163636.H767@ohm.physics.purdue.edu>
Subject: Re: Possible Security Vulnerability
Date: Sun, 25 Feb 2001 14:06:42 -0800

Will,

I am afraid that I have to respectfully disagree with your sweeping statement that a DoS is not a security vulnerability and that a Security Vulnerability is defined as an elevation of privilege. A vulnerability is defined as 'anything that can be exploited to an advantage' and a Security Vulnerability is one that relates directly to the security and/or integrity of the system, in particular one that breaks the three 'A's - Authentication, Authorization, and Audit/Accountability.

If a machine is used as a logging server (for syslog perhaps) and you could crash it prior to attempting an attack on another machine then yes, this is a security issue. Any DoS can be interpreted as a security issue depending on the environment and circumstances, and a standard Risk Assessment would identify it as such.

However, you are 100% right that we do not have enough information to act further here. Perhaps the problem is an exhaustion of resources. Jonathan, please supply more information about the environment in which this occurred.

And yes, this is probably better in another newsgroup and not -security.

Regards,

john...

----- Original Message -----
From: "Will Andrews"
To: "Jonathan Slivko"
Cc: "FreeBSD Stable"
Sent: Sunday, February 25, 2001 1:36 PM
Subject: Re: Possible Security Vulnerability

[ moved to -stable ]

On Sun, Feb 25, 2001 at 04:32:04PM -0500, Jonathan Slivko wrote:
> I have been testing the security on my machine (FreeBSD 4.2-STABLE) and
> I noticed a bug that could potentially reboot a box from any type of user,
> root or regular user. What I did was I just gave the box a whole bunch of w
> commands like w;w;w;w;w, etc. and just let that run. A few seconds later,
> the box coredumped and rebooted. I got this to occur several times in a row.
> Is this some kind of known vulnerability or is this just something that will
> have to be investigated further? If interested in more details, please feel
> free to e-mail me. Thanks.

That's not a security vulnerability (i.e. defined as something which gives an attacker elevated privileges), that's a bug. Nevertheless, I can't reproduce it.. possibly because you've given next to nothing as far as details go.