Bugtraq mailing list archives

Re: DoS bug on Tru64


From: Matt Chapman <matthewc () cse unsw edu au>
Date: Thu, 31 Jan 2002 16:32:39 +1100

The same reproducibly occurs with ypbind on our Tru64 4.0D machines.  Tracing
it shows that it is probably a kernel rather than application bug.

select (4096, 0x11ffff608={0x00000060,...}, 0x0={}, 0x0={}, 0x11ffff608={}) = 1 [ , {0x00000020,...}, {}, {}, ]
accept (5, 0x11fffefc8, 0x11fffefc0=16) = 

That is, the select indicates that the socket is ready, but calling accept
blocks - presumably the connection has been dropped from the listen queue
in the meantime.

Matt



On Wed, Jan 30, 2002 at 10:27:21AM -0600, Jason Johns - SAS(IT) wrote:
Today we were using nmap to scan our network and when we scanned our
Tru64 machines, telnet and ftp froze and timed out. We could not make
any connections to those ports and existing connections froze. New
connections were denied for about a minute after the scan was finished.
I've checked with Compaq and on Securityfocus and neither place has any
knowledge of this. 

We are running Tru64 Unix 4.0D patch kit 3 on Alpha 4100's and 8400's.
The nmap command line that was used is:
nmap -T Polite -O -p 23,139 -oM /tmp/lst 'xxx.xxx.16-44.*' 


/Jason Johns
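
The trace above shows select() reporting the listening socket readable and the following accept() never returning. As an added example (not code from either message or from Tru64), this is the usual application-side guard for that race: mark the listener O_NONBLOCK so an accept() that finds the queue empty returns an error instead of hanging the service. The function names, the loopback listener and the timeout are assumptions made for the example; the thread does not establish whether this avoids the hang on Tru64 4.0D.

```c
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

/* Loopback listener on an ephemeral port (constructed setup), O_NONBLOCK set. */
int make_listener(struct sockaddr_in *addr) {
    socklen_t len = sizeof(*addr);
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    *addr = (struct sockaddr_in){ .sin_family = AF_INET,
                                  .sin_addr.s_addr = htonl(INADDR_LOOPBACK) };
    if (bind(fd, (struct sockaddr *)addr, len) < 0 || listen(fd, 16) < 0 ||
        getsockname(fd, (struct sockaddr *)addr, &len) < 0 ||
        fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) | O_NONBLOCK) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* New fd on success; -1 if the queue was empty after all (stale readiness,
 * aborted connection, signal); -2 on an error the caller should log. */
int try_accept(int lfd) {
    int cfd = accept(lfd, NULL, NULL);
    if (cfd >= 0) return cfd;
    if (errno == EWOULDBLOCK || errno == EAGAIN ||
        errno == ECONNABORTED || errno == EINTR) return -1;
    return -2;
}

/* Wait up to timeout_ms for readiness, then accept without ever blocking. */
int accept_ready(int lfd, int timeout_ms) {
    fd_set rfds;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    FD_ZERO(&rfds);
    FD_SET(lfd, &rfds);
    return select(lfd + 1, &rfds, NULL, NULL, &tv) > 0 ? try_accept(lfd) : -1;
}

int main(void) {
    struct sockaddr_in a;
    int lfd = make_listener(&a);
    printf("empty queue -> %d\n", try_accept(lfd)); /* returns at once */
    return close(lfd);
}
```

A caller treats -1 as "go back to select()" and keeps serving its other descriptors, so a connection that disappears between the two calls costs one loop iteration rather than the whole daemon.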


