Bugtraq mailing list archives
Bug in gpm
From: cadence () APOLLO ACI COM PL (Tomasz Grabowski)
Date: Tue, 20 Jun 2000 15:21:16 +0200
Hello. More than 6 months ago I discovered some kind of DoS bug in gpm shipped with RedHat 6.1 (propably others). Regular user can simply DoS the gpm or (in several circumstances) the whole system. In general the problem is that /dev/gpmctl uses STREAM and You can flood it with many faked connections. One week ago RedHat announced that the bug is *FIXED* now and everyone can download a new version of this package from redhat-rawhide (/pub/Linux/redhat-rawhide/i386/RedHat/RPMS/gpm-1.19.2-1.i386.rpm), so I decided to drop a note here. The funny thing is that I couldn't find info about it in ChangeLog of this package... If You want to play with it try attached code. ___ Tomasz Grabowski [Akademickie Centrum Informatyki] {CADENCE of Lam3rZ} The progress only comes through struggle... <HR NOSHADE> <UL> <LI>TEXT/PLAIN attachment: fgpm.c </UL>
Current thread:
- Bug in gpm Tomasz Grabowski (Jun 20)