Bugtraq mailing list archives
Re: Fwd: Any user can panic OpenBSD machine
From: angelos () DSL CIS UPENN EDU (Angelos D. Keromytis)
Date: Mon, 27 Jul 1998 21:25:39 -0400
-----BEGIN PGP SIGNED MESSAGE----- To: Michael Fuhr <mfuhr () DIMENSIONAL COM> Subject: Re: Fwd: Any user can panic OpenBSD machine Cc: BUGTRAQ () NETSPACE ORG Date: 07/27/98, 21:25:36 In message <19980727180938.41315 () dimensional com>, Michael Fuhr writes:
disclosure, isn't it? I for one was appalled at the simplicity of the exploit in what's claimed to be one of the most secure operating systems around, especially since it doesn't appear to be a problem with the other BSDs.
While I'll agree that this is a very lame bug (in the sense that it shouldn't exist), one can hardly call it an exploit. It causes a machine to crash, but we already know how to do that in 32 different ways (and just as easy -- they don't even require a compiled program) once you can login (and for some OSes, even without logging in :-) I don't know why the person who complained did so, but I think he was unjustified. You were right to point that this is a full disclosure list. - -Angelos PS. The bug was fixed about 1 hour ago. -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface iQCVAwUBNb0okL0pBjh2h1kFAQGOvgP+P4gezPxGcXKdJ/CIZFH4u0HHQ88zt4/a dH3I7ye15/atCz3sFQ31rsQao7YJ/KkTZw8ljJ2b5IoGCPvKC4CTMVV51RJ85hf7 yoRMKOJpa3nHlwHGojfi7cMW+JlazlLQWbuL+WnApk8Iw03CESrDl8FMYG5rjLjE 5ny8qh/YW8w= =iCv8 -----END PGP SIGNATURE-----
Current thread:
- Re: small bug in 5/98 distribution Sun 4070627, (continued)
- Re: small bug in 5/98 distribution Sun 4070627 Casper Dik (Jul 27)
- FW: Alert: Arbitrary code execution via email or news Patrick Oonk (Jul 27)
- ISS Security Advisory -- MS Exchange 5.x Jon Larimer (Jul 27)
- [ NT SECURITY ALERT ] New Local GetAdmin Exploit MJE (Jul 27)
- Microsoft Security Bulletin (MS98-009) Aleph One (Jul 28)
- Microsoft Security Bulletin (MS98-008) Aleph One (Jul 27)
- Fwd: Any user can panic OpenBSD machine Michael Fuhr (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine David Maxwell (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Dag-Erling Coidan Smørgrav (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Michael Fuhr (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Angelos D. Keromytis (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 27)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Theo de Raadt (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Alfred Huger (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Perry E. Metzger (Jul 28)
- CERT Vendor-Initiated Bulletin VB-98.07 - OpenVMS.LOGINOUT (fwd) Phillip R. Jaenke (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine Timothy J Luoma (Jul 28)
- Re: Fwd: Any user can panic OpenBSD machine David Maxwell (Jul 28)