Bugtraq mailing list archives

Solaris Ping Bug and other [bc] oddities
From: owner-bugtraq () NETSPACE ORG (Aleph One)
Date: Fri, 23 Jun 2017 07:13:33 -0400


Greets,

Just finished reading through the 'Summary of Solaris Ping bug (DoS)'
email and figured I would impart a bit of ?wisdom? with people.

First, let me say this isn't a slam on Dan Bell. Now that that's out of
the way.

For those thinking about following Dan Bell's <dbell () blaze cs jhu edu>
lead:

The only solution I've got (as I lack working code for ping), has actually
been to use my ancient SunOS version in binary compatibility mode. It's a
disgusting thing to do, but the old version doesn't have this bug. I've
only applied this kludge on undergraduate machines, where I know they'll
crash them just for the hell of it :).

Not only is it a disgusting solution but a very insecure one. This relies
upon libbc (if memory serves), which ostensibly stands for Binary
Compatibility. In fact we know this to really stand for lib Before Christ.

It's your choice should you take this route and not the others - let the
user crash the machine... or give them route through the binary
compatibility routines (buffer overflows, popen's etc. etc.). I highly
recommend people pulling binaries from SunOS machines and trussing them on
Solaris. Guaranteed to cheer up even the most manic depressive.

.mudge


