Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Nmap Hackers: Re: Sun finally releases patch for nmap inetd denial of service issue

Re: Sun finally releases patch for nmap inetd denial of service issue

From: <lamont_at_icopyright.com>
Date: Mon, 25 Sep 2000 11:17:22 -0700 (PDT)

The one-line description of the problem "accept() hangs after successful
select()" makes it sound more like its an OS issue than an inetd bug.
That would be an important clarification, since it would affect other
programs as well.

On Mon, 25 Sep 2000, Alek O. Komarnitsky (N-CSC) wrote:
> There was some Email discussion a while ago about running nmap
> can cause problems for inetd. Specifically, I've was able to
> reliabily cause a small percentage (5-10%) of "scanned" machines
> to "hang" inetd ... so that subsequent connections were hung.
> I'm just basically doing a single TCP port scan at something that is
> handled by inetd (rather than a standalone process). You can usually
> "unfreeze" it by doing a 'echo "" | telnet HOSTNAME PORTNUMBER'
>
>
> There was a patch for HPUX (PHNE_16832) that fixed this problem there.
>
>
> On Sun Solaris, there was an issue with inetd actually DYING, but that
> was fixed some time ago ... but the "hanging" inetd continues.
>
> Good News: Sun recently released Patch 109104-04 ... which based on
> my testing of 50+ machines, *DOES* fix the problem. I.e. I can nmap
> these puppies to death and inetd doesn't blink an eye - the README says:
> 4337605 inetd Denial of Service Attack - accept() hangs after successful select()
>
>
> Bad News: This patch is for Solaris 2.7 ONLY ... I've had some
> discussions with Sun and "suggested" they release 2.6 & 2.8 versions;
> since I can reliably "hang up" inetd 5-10% of the time on those.
> I've got about 500 of these machines (all recently patched),
> so a semi-decent testbed to use! ;-)
>
>
> I'll let folks know what I hear about 2.6 & 2.8 patch availability.
> alek
>
> P.S. Pls note that this is NOT nmap's "fault" ... but rather buggy inetd;
> which should be more robust.
>
> --------------------------------------------------
> For help using this (nmap-hackers) mailing list, send a blank email to
> nmap-hackers-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
>

--------------------------------------------------
For help using this (nmap-hackers) mailing list, send a blank email to
nmap-hackers-help_at_insecure.org . List run by ezmlm-idx (www.ezmlm.org).
Received on Sep 25 2000

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos