[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] RE: Linux kernel scm_send local DoS

To: security@xxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, vulnwatch@xxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] RE: Linux kernel scm_send local DoS
From: Leif Sawyer <lsawyer@xxxxxxx>
Date: Tue, 14 Dec 2004 08:17:53 -0900

> From: Paul Starzetz [mailto:ihaquer@xxxxxxx] 
> 
> A  locally  exploitable  flaw  has been found in the Linux 
> socket layer, that allows a local user to hang a vulnerable
> machine.

Tested on UltraSparc 32-bit userland, Gentoo 2004.3  2.6.7-rc2 SMP

Results:


$ gcc -o sdmdos sdmdos.c
$ sudo init S
# ./sdmdos

sendmsg: Invalid argument

#


....Excellent....


I *love* running Linux on Sparc.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] RE: Linux kernel scm_send local DoS
  - From: Paul Starzetz

Prev by Date: [Full-Disclosure] Re: Linux kernel IGMP vulnerabilities
Next by Date: [Full-Disclosure] Yahoo! Mail Cross-Site Scripting Vulnerability
Previous by thread: [Full-Disclosure] [Correction For]: Secure Network Operations SNOsoft Research Team [SRT2004-12-14-0322] Symantec LiveUpdate Advisory
Next by thread: [Full-Disclosure] RE: Linux kernel scm_send local DoS
Index(es):
- Date
- Thread