Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Solaris Ping bug (DoS)
From: dalvenjah () DAL NET (Dalvenjah FoxFire)
Date: Wed, 9 Jul 1997 21:41:39 -0700

Fraggle put this into my mailbox:

Well, today I installed that patch on Sparc10 and proceeded to copy and
paste the ping command from this message...  I just got done reinstalling
the OS and reconfiguring the machine.

After I executed the ping, my machine not only rebooted but was unable to
load the kernel after that.

I'm going to hazard a guess that you were unable to load the kernel because
of a disk or software problem, not because of anything the ping bug or
patch did.

I installed this patch on a Sparc 5 running Solaris 2.5 last night. Note
that since it replaces kernel drivers (in /kernel/drv), not the ping binary
itself, you need to reboot in order for the fix to take effect.

I tested this by installing the patch and pinging the machine (with the
PoD args). It paniced, came up again, and after that was invulnerable to
the Ping of Death.

We'd installed the wrapper (the one that forces an -L on the commandline)
a week or so ago, and decided the best course of action would be to leave
it wrapped until we could be sure all the machines had been rebooted. Then
we would remove the wrapper and reinstall the original binary.

 Dalvenjah FoxFire (aka Sven Nielsen)  I once heard the voice of God. It
 Founder, the DALnet IRC Network       said "Vrrrrrmmmmmm." Unless it was
                                       just a lawn mower.

 e-mail: dalvenjah () dal net             WWW: http://www.dal.net/~dalvenjah/
 whois: SN90                           Try DALnet! http://www.dal.net/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]