Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Livingston bugs...
From: phil () netdoor com (Phillip Moore)
Date: Tue, 12 Sep 1995 15:47:33 -0500

On Tue, 12 Sep 1995, Jay 'Whip' Grizzard wrote:

I saw the "pmcrash" program, but I never saw the commentary on it that
was supposedly sent before the exploit was sent. Anyone know the details
of how it works? (other than the obvious explenation provided by reading
the source...)

It was simply to telnet to the portmaster and send the break character.
This would cause the PM to reboot.

I, personally, can't understand such a passive attitude on the part of
Livingston -- I personally would call a bug where you can crash virtually
anyone's network connection, from virtually anywhere in the world, to be
a major bug. Maybe it's just me...

I am on the portmasters mailing list as well, and a representative from
Livingston said he "considered it a feature and not a bug".  I find this
hard to believe too, and have been complaining about it to all those around
me for several days!

ObBugTraq: Apparently (at least, under limited testing), putting up a filter
to prevent folks from getting to your login port from the outside world
will protect you -- Except I don't _want_ to have to start filtering things
out, and in some circuimstances (backbone routers, etc), it's not exactly
a viable option. Do YOU want to have the bandwith of several T1's all
running through a filter before they get off the router? No, thanks...

Another solution is to change the telnet port for the PM.  Its not a
permanent solution, but it would stop those would-be crackers that just try
to telnet to the PM, not knowing the correct port number.

Phillip Moore           office: 601.952.1570
Internet Doorway, Inc.  fax   : 601.952.1573
Systems Administrator   www   : http://www.netdoor.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]