On 01-Sep-99 Darren Reed wrote: >> >> This was first posted to the FreeBSD security list on the 9th of August, >> subsequently discussed on freebsd-stable and freebsd-hackers... no one >> seems to care, even though it is able to lock up 2.2.6, 2.2.8, and 3.2.x >> machines consistantly. I have also been told that it affects NetBSD and >> OpenBSD, though I haven't confirmed it. >> >> Someone with the know-how care to fix? > > Fixing this has been discussed internally, I imagine, by many of the > affected OS's. The problem is a resource stavation issue - in this > case mbuf's. Arguably, it shouldn't "lock up", just freeze up anything > that does networking. > > I imagine you could lock up more than just the *BSD's with this program. > > Darren In all the tests that I have conducted on my FreeBSD systems, both intel and alpha based, versions 2.2.2 through 4.0-19990809-CURRENT result in the machines rebooting after running this DoS. The only work-around for this is supposedly setting resource limits in the /etc/login.conf file or to prevent public access to the machines. Regards, Jeff
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:43 PDT