Bug 2984 - d.o.s. attack against panel/applets
d.o.s. attack against panel/applets
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: gnome-core (Show other bugs)
6.0
sparc Linux
high Severity medium
: ---
: ---
Assigned To: Elliot Lee
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 1999-05-23 12:30 EDT by Marco Colombo
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 1999-06-09 16:19:00 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marco Colombo 1999-05-23 12:30:29 EDT
It seems that each applet added to the panel open a
LISTENing socket. telneting to that port causes that
applet to crash (i.e. disappear from the panel). Sometimes
the panel it self crashes. Here's the output of a netstat:
tcp        0      0 *:1176
*:*                     LISTEN
tcp        0      0 *:1175
*:*                     LISTEN
tcp        0      0 *:1174
*:*                     LISTEN
tcp        0      0 *:1173
*:*                     LISTEN
tcp        0      0 *:1172
*:*                     LISTEN
tcp        0      0 *:1171
*:*                     LISTEN
tcp        0      0 *:1164
*:*                     LISTEN

this kind of attack has been tested from both the same
system (where the ports can be easily discovered) and
a remote one (from which you have to scan all ports above
1024).
Comment 1 Elliot Lee 1999-05-25 19:28:59 EDT
Just verified that this happens, and know the solution. It's an
ORBit/tcp_wrappers interaction that only happens on the sparc or other
platforms that have -fpic _NEEDED_ for shared libraries. Will try to
get a fix done this week.
Comment 2 Owen Taylor 1999-06-09 16:19:59 EDT
Fixed in ORBit-0.4.3-3.sparc.rpm in errata.
(This was a bad interaction between in ORbit and tcp_wrappers)

Note You need to log in before you can comment on or make changes to this bug.