In some mail from The Tree of Life, sie said: > > I've been informed today by an irc admin that a new exploit is circulating > around. It "sends tcp-established bitstream shit" and makes the "kernel > fuck up". > > It's called stream.c. > > The efnet ircadmin told me servers on Exodus (Exodus Communications) were being > hit and they managed to get a hold of the guy. When asked what was going > on, he just said "stream.c". > > When I talked to another person to ask if he had 'acquired' the source, he > said he wasn't going to give it out. I asked him if he had a patch for it, > and he replied "the fbsd team is working on it. No patch is available right > now." > > What's the importance of this? Major companies such as Yahoo > (www.yahoo.com) and others run freebsd. > > According to the irc admin, a simple reboot fixes it. "Your box reboots or > dies." He also stated, when asked if anything noticeable happened, that > "nothing unusual [happened]". > > The only log that he could provide was this one: > > ---snip--- > > syslog:Jan 18 12:30:36 x kernel: Kernel panic: Free list empty > > ---snip--- > > One thing of note: he also stated this happened on non-freebsd systems, > which is contrary to what the other person said, who was "under the > impression it was freebsd specific." > > I have the source, which I'm not going to post for 2-3 days (give time for > fbsd to work on the fix). If it isn't out before the 21st, I'll post it up. > > ---snip--- The above kernel message is from Linux 2.2, *NOT* FreeBSD. The behaviour and impact would appear to vary from OS to OS and maybe platform too. It does not appear to cause Solaris7/NetBSD to panic (in a hurry anyway). Darren
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:29:47 PDT