Bugtraq mailing list archives

Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing

From: perry () imsi com (Perry E. Metzger)
Date: Mon, 10 Jul 1995 07:34:02 -0400


"Dr. Frederick B. Cohen" writes:

        I was trying a loop test to stress performance on our secure W3
server and found that inetd under SunOS detects what it thinks to be
loops and shuts down all httpd services untill a kill -HUP is sent to
the inetd process.  How is this bug/feature controlled, and doesn't this
lead very directly to denial of services attacks?

Jul  9 08:06:03 all inetd[122]: httpd/tcp server failing (looping), service t

erminated

BUGTRAQ is for security holes, not for vendor features, no matter how
misguided. Having said that:

This is in fact a standard Berkeley inetd feature -- you need source
to turn it off, although I believe Sun has a "patch" for 4.1.x that
consists of an inetd with an option to turn off the "feature".

.pm

Current thread:

Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4), (continued)
- - - Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Henri Karrenbeld (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Marek Michalkiewicz (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) James Seng (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Henri Karrenbeld (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Aleph One (Jul 13)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Jeremy Fitzhardinge (Jul 13)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) James W. Abendschan (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Lyndon Nerenberg (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Aleph One (Jul 13)
    - Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing Karl Strickland (Jul 10)
    - Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing Perry E. Metzger (Jul 10)
    - Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing BioH (Jul 10)
    - Re: Exploit for Linux wu.ftpd hole Nathan Lawson (Jul 09)
  - Re: Exploit for Linux wu.ftpd hole Michael Shields (Jul 06)
    - Re: Exploit for Linux wu.ftpd hole Mike Edulla (Jul 07)
- Why are we using priveleged images / state so much? (Was Re: Paul Robinson (Jul 06)
  - Re: Why are we using priveleged images / state so much? (Was Re: Dr. Frederick B. Cohen (Jul 06)
  - Details of linux select(2) bug? Karl Strickland (Jul 07)
  - SM 8.6.12 Nathan Lawson (Jul 08)
    - Re: SM 8.6.12 Karl Strickland (Jul 08)
    - Re: SM 8.6.12 Christopher A. Stewart (Jul 11)

(Thread continues...)