Bugtraq mailing list archives

TCP bug on old Solaris box ?

From: Gilles.Soulet () cst cnes fr (Gilles Soulet)
Date: Fri, 20 Dec 1996 16:06:44 +0100


Hi Folks.

Doing nasty things with my old 2.3 Sun box, I noticed that
Solaris exits gracefully from a listen/accept call BEFORE
the three-way handshake is completed. That is, you exit
successfully from accept() as soon as the first SYN arrives !

Solaris 2.5 has a much better behavior and exits from accept()
only if the three-way handshake is completed. Do people noticed
something similar ? Any comments ?

  ~Gillus

PS: Oh, by the way : of course, this is bad news for the guys who
try to stealthly scan the TCP ports of the solaris 2.3 target, for example
with ETCP, since the old box urges syslog for incoming connections anyway...

He he  ;-)

Current thread:

CIAC Bulletin H-17: cron/crontab Buffer Overrun Vulnerabilities, (continued)
- - CIAC Bulletin H-17: cron/crontab Buffer Overrun Vulnerabilities David Crawford (Dec 19)
  - NT vulnerable to attack on CPU Aleph One (Dec 19)
  - CERT/AUCERT Mycroft (Dec 19)
    - Re: CERT/AUCERT itudps (Dec 19)
    - Re: CERT/AUCERT Aleph One (Dec 19)
    - Re: CERT/AUCERT Theo de Raadt (Dec 19)
    - Slow vendor response Alan Cox (Dec 20)
    - CERT Bashing, etc Aleph One (Dec 19)
    - Re: CERT/AUCERT Yuri Volobuev (Dec 19)
    - Re: CERT/AUCERT Tung-Hui Hu (Dec 19)
    - TCP bug on old Solaris box ? Gilles Soulet (Dec 20)
    - Re: TCP bug on old Solaris box ? Nathan Lawson (Dec 21)
    - Buffer overflow in Linux's login program Joe Zbiciak (Dec 22)
    - Solaris 2.5 x86 aspppd (semi-exploitable-hole) Thamer Al-Herbish (Dec 20)
    - CERT, CIAC, etc. and unethical practices Thamer Al-Herbish (Dec 20)
    - ANNOUNCE: Crack v5.0a available... Alec Muffett (Dec 20)
    - Security Survey Aleph One (Dec 20)