On Tue, Jan 18, 2000 at 02:44:38PM -0800, The Tree of Life wrote:
> When I talked to another person to ask if he had 'acquired' the source, he
> said he wasn't going to give it out. I asked him if he had a patch for it,
> and he replied "the fbsd team is working on it. No patch is available right
> now."
>
> What's the importance of this? Major companies such as Yahoo
> (www.yahoo.com) and others run freebsd.
Major companies have firewalls too, but from what it sounds like, this
attack may crash/freeze/reboot/whatever them as well.
> According to the irc admin, a simple reboot fixes it. "Your box reboots or
> dies." He also stated, when asked if anything noticeable happened, that
> "nothing unusual [happened]".
>
> The only log that he could provide was this one:
>
> ---snip---
> syslog:Jan 18 12:30:36 x kernel: Kernel panic: Free list empty
> ---snip---
[hawk-billf] /sys > find . |xargs grep -ie 'free list empty'
[hawk-billf] /sys > uname -mrs
FreeBSD 4.0-CURRENT i386
> One thing of note: he also stated this happened on non-freebsd systems,
> which is contrary to what the other person said, who was "under the
> impression it was freebsd specific."
The above is a Linux panic, so it obviously works on non-FreeBSD machines.
It's a pity to attach FreeBSD to this exploit, as it obviously isn't specific
to just the FreeBSD stack. I wish the FUD would just go away sometimes.
--
Bill Fumerola - Network Architect
Computer Horizons Corp - CVM
e-mail: [EMAIL PROTECTED] / [EMAIL PROTECTED]
Office: 800-252-2421 x128 / Cell: 248-761-7272
ps. I'm not speaking for CHC or for FreeBSD...
