From owner-freebsd-security Fri Sep 10 13:57: 1 1999 Delivered-To: freebsd-security@freebsd.org Received: from xylan.com (postal.xylan.com [208.8.0.248]) by hub.freebsd.org (Postfix) with ESMTP id BB5DF14BDD for ; Fri, 10 Sep 1999 13:56:53 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from mailhub.xylan.com by xylan.com (8.8.7/SMI-SVR4 (xylan-mgw 2.2 [OUT])) id NAA02205; Fri, 10 Sep 1999 13:55:42 -0700 (PDT) Received: from omni.xylan.com by mailhub.xylan.com (SMI-8.6/SMI-SVR4 (mailhub 2.1 [HUB])) id NAA15158; Fri, 10 Sep 1999 13:44:57 -0700 Received: from softweyr.com (dyn4.utah.xylan.com) by omni.xylan.com (4.1/SMI-4.1 (xylan engr [SPOOL])) id AA26427; Fri, 10 Sep 99 13:55:40 PDT Message-Id: <37D9704C.CE395DC4@softweyr.com> Date: Fri, 10 Sep 1999 14:55:40 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.5 [en] (X11; U; FreeBSD 3.1-RELEASE i386) X-Accept-Language: en Mime-Version: 1.0 To: wdmgds Cc: freebsd-security@FreeBSD.ORG Subject: Re: *bsd crashes/freezes/hangs on local user xploit References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org wdmgds wrote: > > Dear /etc > > compile this code snipplet and wheep ... > it crashed and mutilated our 227 and 3x boxen.. > BSDi4 just freezes a couple of seconds, It nailed 3.1-RELEASE on (I think) the 4th trip through the while loop, on the first write. I can't test on my -CURRENT or -STABLE machines, they're both being used at the moment. Nothing about the code looks nefarious. Are we just creaming buffer space in a nasty way? -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC http://softweyr.com/ wes@softweyr.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message