Debian Bug report logs -
#22184
hi. I'd like to point out a possible bug.
Reported by: Rage NotGiven <rage@email.ro>
Date: Thu, 7 May 1998 03:03:01 UTC
Severity: normal
Done: Robert Woodcock <rcw@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org:
Bug#22184.
(full text, mbox, link).
Acknowledgement sent to Rage NotGiven <rage@email.ro>:
New bug report received and forwarded.
Your message didn't have a Package: line at the start (in the
pseudo-header following the real mail header), or didn't have a
psuedo-header at all.
This makes it much harder for us to categorise and deal with your
problem report; please ensure that you say which package(s) and
version(s) the problem is with next time. Some time in the future the
problem reports system may start rejecting such messages.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
I've found a Denial Of Service attack that seems only to crash Debian Linux.
I'v tried this attack on other Debian users, it crashed them. I have tried
it on slackware, redhat, windows, and some misca linuxes, and it does
not crash then. it involves sending 1000 spoofed SYN packets to each of these
ports in this order: 7,9,13,19,21,23,37,80,111,137,138,139, and 194
I don't know how or why this works, but i know it does. the entire
system stops responding, and it just keeps printing this message:
Ouch, no kerneld message from XXXXXXXXXX
that's when it dies. Sometimes it reboots shortly after. I would appreciate feedback
on this matter. my email is rage@email.ro Thanks in advance.
_____________________________________________________________________
Do you want a free e-mail for life ? Get it at http://www.email.ro/
Bug assigned to package `kernel-package'.
Request was from jdassen@wi.leidenuniv.nl
to control@bugs.debian.org.
(full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Manoj Srivastava <srivasta@debian.org>:
Bug#22184; Package kernel-package.
(full text, mbox, link).
Acknowledgement sent to Manoj Srivastava <srivasta@datasync.com>:
Extra info received and forwarded to list. Copy sent to Manoj Srivastava <srivasta@debian.org>.
(full text, mbox, link).
Message #12 received at 22184@bugs.debian.org (full text, mbox, reply):
reassign 22184 kernel-source-2.0.33
quit
Hi,
kernel-package does not seem appropriate for this report; all
kernel-package does is arrange to have a make run in the kernel sorce
tree, and has no control over how the resulting kernel handles SYN
packets. However, I think I shall reassign it to kernel-source, in
the hope that Herbert can do something with it.
I am also copying this to the security response team, since
this is an issue that needs to be investigated and clarified ASAP.
manoj
______________________________________________________________________
I've found a Denial Of Service attack that seems only to crash Debian
Linux. I'v tried this attack on other Debian users, it crashed
them. I have tried it on slackware, redhat, windows, and some misca
linuxes, and it does not crash then. it involves sending 1000 spoofed
SYN packets to each of these ports in this order:
7,9,13,19,21,23,37,80,111,137,138,139, and 194 I don't know how or why
this works, but i know it does. the entire system stops responding,
and it just keeps printing this message: Ouch, no kerneld message from
XXXXXXXXXX that's when it dies. Sometimes it reboots shortly after. I
would appreciate feedback on this matter. my email is rage@email.ro
Thanks in advance.
______________________________________________________________________
--
"Being against torture ought to be sort of a multipartisan thing."
Karl Lehenbauer, as amended by Jeff Daiell, a Libertarian
Manoj Srivastava <srivasta@acm.org> <http://www.datasync.com/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
Information forwarded to debian-bugs-dist@lists.debian.org, Herbert Xu <herbert@debian.org>:
Bug#22184; Package kernel-source-2.0.33.
(full text, mbox, link).
Acknowledgement sent to Herbert Xu <herbert@gondor.apana.org.au>:
Extra info received and forwarded to list. Copy sent to Herbert Xu <herbert@debian.org>.
(full text, mbox, link).
Message #19 received at 22184@bugs.debian.org (full text, mbox, reply):
Please provide more information, e.g., Debian kernel package version, code to
exploit the bug, kernel versions of other Linux systems that you tested
against. Thanks.
--
Debian GNU/Linux 1.3 is out! ( http://www.debian.org/ )
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Reply sent to Robert Woodcock <rcw@debian.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Rage NotGiven <rage@email.ro>:
Bug acknowledged by developer.
(full text, mbox, link).
Message #26 received at 22184-done@bugs.debian.org (full text, mbox, reply):
DIE
--
Robert Woodcock - rcw@debian.org
"Hacking... is a completely creepy thing to do." -- US Department Of Justice
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Fri Apr 26 19:30:36 2024;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.