From owner-freebsd-security  Mon Feb 26 15:50:23 2001
Delivered-To: freebsd-security@freebsd.org
Received: from giroc.albury.net.au (giroc.albury.NET.AU [203.15.244.13])
	by hub.freebsd.org (Postfix) with ESMTP id 05FFB37B401
	for <security@freebsd.org>; Mon, 26 Feb 2001 15:50:20 -0800 (PST)
	(envelope-from nicks@giroc.albury.net.au)
Received: (from nicks@localhost)
	by giroc.albury.net.au (8.11.1/8.11.1) id f1QNoHp81829
	for security@freebsd.org; Tue, 27 Feb 2001 10:50:17 +1100 (EST)
Date: Tue, 27 Feb 2001 10:50:17 +1100
From: Nick Slager <nicks@albury.net>
To: security@freebsd.org
Subject: bugtraq inetd DoS exploit
Message-ID: <20010227105017.A74709@albury.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
X-Homer: Whoohooooooo!
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


The inetd shipped with FreeBSD appears vulnerable to the inetd DoS
exploit posted on bugtraq.

inetd logs the following:

Feb 27 10:23:12 host inetd[5337]: ftp/tcp server failing (looping), service terminated

System:

% uname -v
FreeBSD 4.2-STABLE #1: Fri Feb  9 11:27:05 EST 2001
nicks@lorien.slartibartfast.net:/usr/src/sys/compile/LORIEN4

As a workaround, start inetd with the -C flag.


Nick

-- 
Nick Slager		| Quidquid latine dictum
			| sit, altum viditur.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message