Subject: kern/6842: security: DOS attack
To: None <>
From: Wolfgang Rupprecht <>
List: netbsd-bugs
Date: 01/18/1999 15:31:06
>Number:         6842
>Category:       kern
>Synopsis:       very nasty hangs uncovered by security tool
>Confidential:   yes
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people (Kernel Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jan 18 15:35:01 1999
>Originator:     Wolfgang Rupprecht
W S Rupprecht Computer Consulting, Fremont CA
>Release:        NetBSD-current 1/5/99
System: NetBSD 1.3I NetBSD 1.3I (WSRCC) #0: Tue Jan 5 06:30:38 PST 1999 i386

	running the security scanner makes netbsd go "uhg".
	ftp, compile, run the following:

		nmap -O   ;-)

	The most visible effects of this tool are crashed routers (not
	a netbsd problem) and wedged X11 and xdm.  After an attack xdm
	is wedged and unkillable (via kill -9), and netbsd is pretty
	much insane.  I had to reboot to get back a workable system.


	unplug the ethernet, turn down the lights and chant.
	I've marked this PR as confidetial, and used bland subject and
	summary fields. Feel free to change it.  I just figured its
	easier to downgrade security than upgrade it.