Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 19 Apr 1999 11:56:48 -0400 (EDT)
From:      Robert Watson <robert@cyrus.watson.org>
To:        Chris <freebsd@hiway1.exit109.com>
Cc:        security@freebsd.org
Subject:   Re: poink and freebsd
Message-ID:  <Pine.BSF.3.96.990419115255.9273I-100000@fledge.watson.org>
In-Reply-To: <Pine.BSF.3.96.990419104522.10379A-100000@hiway1.exit109.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, 19 Apr 1999, Chris wrote:

> im sure ya'll have heard of poink, an exploit against freebsd/openbsd
> machines (these are the boxes i have tested on) it appears to work very
> efficiently in killing freebsd 3.1 - freebsd 3.0 machines, against one of
> our freebsd 2.2.5 machines, it did bring up the error messages in
> /var/log/messages (arp lookups) but didnt kill the machine like the
> others...
> 
> im just wondering if there are any patches for this, and i noticed there
> is no mention of it on freebsd's website....

Interestingly, I haven't heard about this one, and it doesn't appear to be
on rootshell, etc.  The only "poink" I could find reference to was an
alternative ping program that doesn't require root access--I assume that
means it uses udp or something to try and get a response (perhaps looking
for a connection refused ICMP except on the socket?).  I may just have
missed it in passing, of course, given the vast quantities of email that
go through around here :-).

Since it doesn't appear to have been reported, send a copy of the source
to security-officer@freebsd.org, and feel free to CC me a copy so I can
take a look.

  Robert N Watson 

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1

Carnegie Mellon University            http://www.cmu.edu/
TIS Labs at Network Associates, Inc.  http://www.tis.com/
Safeport Network Services             http://www.safeport.com/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990419115255.9273I-100000>