Bugtraq mailing list archives
Re: Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability
From: bright () WINTELCOM NET (Alfred Perlstein)
Date: Fri, 2 Jun 2000 14:49:54 -0700
* Ussr Labs <labs () USSRBACK COM> [000602 13:08] wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Local FreeBSD, Openbsd, NetBSD, DoS Vulnerability

[snip same old story about exhausting mbufs]

FreeBSD 4 and above are not vulnerable if proper limits are put into place. These limits should be set up at the same time other limits (such as 'maxproc' to disallow forkbombing) are set up.

Please see the RLIMIT_SBSIZE option for setrlimit(2), it allows a reasonable limit to be set for users' socket buffers.

An undocumented (which I just fixed) option for login.conf(5) 'sbsize' allows this restriction to be put into place for users:

        :sbsize=1048576:\

Of course the real solution is rmuser(8), but that's a matter of policy.

hope this helps,
--
-Alfred Perlstein - [bright () wintelcom net|alfred () freebsd org]
"I have the heart of a child; I keep it in a jar on my desk."
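The RLIMIT_SBSIZE limit named in the message above can also be applied from code before a command is run. This is an added example, not part of the original post or of FreeBSD's sources: the helper name cap_sbsize and the wrapper around it are hypothetical, and 1048576 is the value from the post's login.conf line.

```c
/* Added example: cap socket-buffer memory, then exec a command under the cap. */
#include <sys/types.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper. Returns 0 when the cap is in force (*effective set),
 * 1 when the platform has no RLIMIT_SBSIZE, -1 on error (errno set). */
int cap_sbsize(rlim_t bytes, rlim_t *effective)
{
#ifdef RLIMIT_SBSIZE
    struct rlimit rl;

    if (getrlimit(RLIMIT_SBSIZE, &rl) == -1)
        return -1;
    /* Only ever lower the limit: an unprivileged process cannot raise its
     * hard limit, and a tighter inherited cap must be kept. */
    if (rl.rlim_max == RLIM_INFINITY || rl.rlim_max > bytes)
        rl.rlim_max = bytes;
    if (rl.rlim_cur == RLIM_INFINITY || rl.rlim_cur > rl.rlim_max)
        rl.rlim_cur = rl.rlim_max;
    if (setrlimit(RLIMIT_SBSIZE, &rl) == -1)
        return -1;
    if (getrlimit(RLIMIT_SBSIZE, &rl) == -1)   /* read back what is enforced */
        return -1;
    *effective = rl.rlim_cur;
    return 0;
#else
    (void)bytes; (void)effective;
    return 1;
#endif
}

int main(int argc, char **argv)
{
    rlim_t eff = 0;

    if (argc < 2) {
        fprintf(stderr, "usage: %s command [args...]\n", argv[0]);
        return 2;
    }
    /* Fail closed: do not run the command if the cap could not be applied. */
    if (cap_sbsize(1048576, &eff) != 0) {
        fprintf(stderr, "RLIMIT_SBSIZE not applied, refusing to run\n");
        return 1;
    }
    fprintf(stderr, "sbsize capped at %llu bytes\n", (unsigned long long)eff);
    execvp(argv[1], argv + 1);   /* the limit is inherited across exec */
    perror("execvp");
    return 127;
}
```

The limit is inherited by every child of the wrapped command, which is the same effect the login.conf(5) 'sbsize' entry has for a login session.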