Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] Classical DOS attack on Linux
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Wed, 19 Dec 2001 15:53:20 +0100 (MET)
  • Message-id: <Pine.LNX.4.43.0112191552230.18283-100000@xxxxxxxxxxxx>
>
> I tested that on SuSE 7.3, Kernel 2.4.15aa1 while logged in as normal user
> on /dev/tty. I did not get the system to it's knees BUT:
>
> During the 'while' run i was also logged in as root on the second console.
> The following happened:
>
> root[root]# top
> Segmentation fault
> root[root]# man top
> Segmentation fault
> root[root]# killall sleep
> root[root]# top
> [...] top runs [...]
> root[root]# man top
> [...] man top [...]
>
> Of course no coredumps are written (file with 0 bytes, ulimit -c > 0).
> Don't know how many binaries are affected by that but man (link to mandb)
> runs setuid root.
>
> Also to mention: The segfaults don't occur when man or top are executed as
> normal user. Bash then complaints about too many open files and goes back
> to the normal prompt.
>
> Best regards,
> --Andreas

Can you please try again with the kernel from
ftp://ftp.suse.com/pub/people/mantel/next/RPM/ ?


Roman.
--
- -
| Roman Drahtm├╝ller <draht@xxxxxxx> // "You don't need eyes to see, |
SuSE GmbH - Security Phone: // you need vision!"
| N├╝rnberg, Germany +49-911-740530 // Maxi Jazz, Faithless |
- -


< Previous Next >
Follow Ups
References