Re: IRIX XFS filesystem denial of service attack

From: H D Moore (sflistat_private)
Date: Mon Apr 15 2002 - 16:32:38 PDT

Next message: Alfonso Fiore: "Norton Personal Firewall 2002 vulnerable to SYN/FIN scan"

Previous message: Cisco Systems Product Security Incident Response Team: "Cisco Security Advisory: Microsoft IIS Vulnerabilities in Cisco Products - MS02-018"
Next in thread: Eric Sandeen: "Re: IRIX XFS filesystem denial of service attack"
Reply: Eric Sandeen: "Re: IRIX XFS filesystem denial of service attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Does this vulnerability affect the Linux XFS port? The XFS page has no 
information about this or whether there is a fix available:

http://oss.sgi.com/projects/xfs/

-HD

On Monday 15 April 2002 04:49 pm, SGI Security Coordinator wrote:
>
>                           SGI Security Advisory
>
>         Title:      IRIX XFS filesystem denial of service attack
>         Number:     20020402-01-P
>         Date:       April 15, 2002
>         Reference:  CAN-2002-0042
> -----------------------
> --- Issue Specifics ---
> -----------------------
>
> It has been reported that there is a vulnerability in IRIX's XFS
> filesystem. Under some circumstances, a user can create a file that would
> hang any application that would try to access it.  This has the potential
> to be used to create a Denial of Service attack.

Next message: Alfonso Fiore: "Norton Personal Firewall 2002 vulnerable to SYN/FIN scan"
Previous message: Cisco Systems Product Security Incident Response Team: "Cisco Security Advisory: Microsoft IIS Vulnerabilities in Cisco Products - MS02-018"
Next in thread: Eric Sandeen: "Re: IRIX XFS filesystem denial of service attack"
Reply: Eric Sandeen: "Re: IRIX XFS filesystem denial of service attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Apr 16 2002 - 15:15:44 PDT