Bug 2984

Summary: d.o.s. attack against panel/applets
Product: [Retired] Red Hat Linux
Reporter: Marco Colombo <marco>
Component: gnome-core
Assignee: Elliot Lee <sopwith>
Status: CLOSED ERRATA
Severity: medium
Priority: high
Version: 6.0
Keywords: Security
Hardware: sparc   
OS: Linux   
Doc Type: Bug Fix
Last Closed: 1999-06-09 20:19:00 UTC

Description Marco Colombo 1999-05-23 16:30:29 UTC
It seems that each applet added to the panel opens a
LISTENing socket. Telnetting to that port causes that
applet to crash (i.e. disappear from the panel). Sometimes
the panel itself crashes. Here's the output of a netstat:
tcp        0      0 *:1176                  *:*                     LISTEN
tcp        0      0 *:1175                  *:*                     LISTEN
tcp        0      0 *:1174                  *:*                     LISTEN
tcp        0      0 *:1173                  *:*                     LISTEN
tcp        0      0 *:1172                  *:*                     LISTEN
tcp        0      0 *:1171                  *:*                     LISTEN
tcp        0      0 *:1164                  *:*                     LISTEN

This kind of attack has been tested from both the same
system (where the ports can be easily discovered) and
a remote one (from which you have to scan all ports above
1024).

Comment 1 Elliot Lee 1999-05-25 23:28:59 UTC
Just verified that this happens, and know the solution. It's an
ORBit/tcp_wrappers interaction that only happens on the sparc or other
platforms that have -fpic _NEEDED_ for shared libraries. Will try to
get a fix done this week.

Comment 2 Owen Taylor 1999-06-09 20:19:59 UTC
Fixed in ORBit-0.4.3-3.sparc.rpm in errata.
(This was a bad interaction between ORBit and tcp_wrappers)
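
Added example, not part of the original bug report or of ORBit: a small Python audit that parses numeric netstat output and lists the unprivileged TCP ports listening on every interface, which is the condition the description's netstat output shows. The function names are hypothetical, and the last three sample lines are constructed for illustration.

```python
# Audit sketch: find TCP listeners bound to all interfaces on ports >= 1024.
# Assumes numeric output (e.g. from "netstat -tan") with the usual columns:
#   proto recv-q send-q local-address foreign-address state

# Local addresses that mean "every interface" in netstat output.
WILDCARD_HOSTS = {"*", "0.0.0.0", "::", "[::]"}

# First three lines are taken from the report; the rest are constructed.
SAMPLE = """\
tcp        0      0 *:1176                  *:*                     LISTEN
tcp        0      0 *:1175                  *:*                     LISTEN
tcp        0      0 *:1164                  *:*                     LISTEN
tcp        0      0 127.0.0.1:6010          *:*                     LISTEN
tcp        0      0 *:23                    *:*                     LISTEN
tcp        0      0 10.0.0.5:1180           10.0.0.9:1033           ESTABLISHED
"""


def parse_listeners(netstat_text):
    """Yield (host, port) for each TCP socket in LISTEN state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue  # header, blank line, or non-TCP socket
        if fields[5] != "LISTEN":
            continue  # established or closing connections are not listeners
        # rpartition splits on the last ':' so IPv6 forms like ":::1176" work.
        host, _, port = fields[3].rpartition(":")
        if port.isdigit():  # skip service names printed without -n
            yield host, int(port)


def exposed_listeners(netstat_text, min_port=1024):
    """Sorted ports >= min_port that accept connections on every interface."""
    return sorted({port for host, port in parse_listeners(netstat_text)
                   if host in WILDCARD_HOSTS and port >= min_port})


if __name__ == "__main__":
    for port in exposed_listeners(SAMPLE):
        print(f"tcp/{port} listens on all interfaces")
```

Listeners reported here that only serve local clients are candidates for binding to loopback or for a host firewall rule.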