Re: Possible Security Vulnerability

From: John Howie (JHowie@msn.com)
Date: 02/25/01 

From: "John Howie" <JHowie@msn.com>
To: <freebsd-security@freebsd.org>
Date: Sun, 25 Feb 2001 14:06:42 -0800

Will,

I am afraid that I have to respectfully disagree with your sweeping
statement that a DoS is not a security vulnerability and that a Security
Vulnerability is defined as an elevation of privilege. A vulnerability is
defined as 'anything that can be exploited to an advantage' and a Security
Vulnerability is one that relates directly to the security and/or integrity
of the system, in particular one that breaks the three 'A's -
Authentication, Authorization, and Audit/Accountability. If a machine is
used as a logging server (for syslog perhaps) and you could crash it prior
to attempting an attack on another machine then yes, this is a security
issue. Any DoS can be interpreted as a security issue depending on the
environment and circumstances, and a standard Risk Assessment would identify
it as such.

However, you are 100% right that we do not have enough information to act
further here. Perhaps the problem is an exhaustation of resources. Jonathon,
please supply more information about the environment in which this occurred.
And yes, this is probably better in another newsgroup and not -security.

Regards,

john...

----- Original Message -----
From: "Will Andrews" <TrimYourCc@physics.purdue.edu>
To: "Jonathan Slivko" <js43064n@pace.edu>
Cc: "FreeBSD Stable" <stable@FreeBSD.org>
Sent: Sunday, February 25, 2001 1:36 PM
Subject: Re: Possible Security Vulnerability

[ moved to -stable ]

On Sun, Feb 25, 2001 at 04:32:04PM -0500, Jonathan Slivko wrote:
> I have been testing the security on my machine (FreeBSD 4.2-STABLE)
and
> I noticed a bug that could potentially reboot a box from any type of user,
> root or regular user. What I did was I just gave the box a whole bunch of
w
> commands like w;w;w;w;w, etc. and just let that run. A few seconds later,
> the box coredumped and rebooted. I got this to occur several times in a
row.
> Is this some kind of known vulnerability or is this just something that
will
> have to be investigated further? If interested in more details, please
feel
> free to e-mail me. Thanks.

That's not a security vulnerability (ie defined as something which gives
an attacker elevated privileges), that's a bug. Nevertheless, I can't
reproduce it.. possibly because you've given next to nothing as far as
details go. 

--
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • SecurityFocus Microsoft Newsletter #165
    ... Tenable Security ... distribute, manage, and communicate vulnerability and intrusion detection ... Microsoft Internet Explorer MHTML Forced File Execution Vuln... ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #174
    ... This issue sponsored by: Tenable Network Security ... the worlds only 100% passive vulnerability ... MICROSOFT VULNERABILITY SUMMARY ... Novell Netware Enterprise Web Server Multiple Vulnerabilitie... ...
    (Focus-Microsoft)
  • [NT] Cumulative Security Update for Internet Explorer (MS04-038)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... CSS Heap Memory Corruption Vulnerability, ... Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6 ...
    (Securiteam)
  • SecurityFocus Microsoft Newsletter #171
    ... Better Management for Network Security ... GoodTech Telnet Server Remote Denial Of Service Vulnerabilit... ... ASPApp PortalAPP Remote User Database Access Vulnerability ...
    (Focus-Microsoft)
  • SecurityFocus Microsoft Newsletter #160
    ... MICROSOFT VULNERABILITY SUMMARY ... Geeklog Forgot Password SQL Injection Vulnerability ... Atrium Software Mercur Mailserver IMAP AUTH Remote Buffer Ov... ... Sun Java Virtual Machine Slash Path Security Model Circumven... ...
    (Focus-Microsoft)