Slashdot Mirror


Remotely Crash OpenBSD

*no comment* writes "If you are running OpenBSD on your IPv6 install, it might be time to upgrade to -current. (just kidding) There is, however, a way to crash OpenBSD 3.4 with a couple of simple IPv6 commands. Georgi Guninski, found the problem. To quote Theo, 'it is just a crash.'" It is unknown if the bug could be used to execute arbitrary code, but it does require patching a Linux kernel (or rolling your own network stack) to exploit.

13 of 407 comments (clear)

  1. Double standards? by Threni · · Score: 5, Insightful

    I'm thinking that if someone from Microsoft stated "It's just a crash" the editors here would be just a touch more sarcastic...

    1. Re:Double standards? by spitzak · · Score: 4, Insightful

      He IS being sarcastic. If this was a Microsoft bug and they said "It's just a crash" it surely would be quoted exactly the same way, because it is a silly statement. Let's see:

      *no comment* writes "If you are IPv6 on WinXP, it might be time to upgrade to Linux (just kidding). There is, however, a way to crash WinXP with a couple of simple IPv6 commands. Georgi Guninski, found the problem. To quote Bill Gates, 'it is just a crash.'" It is unknown if the bug could be used to execute arbitrary code, but it does require patching a Linux kernel (or rolling your own network stack) to exploit.

      Okay, now that the wording has been changed to Microsoft, doesn't it suddenly look like a typical rabid-anti-Microsoft Slashdot article? You are so blinded by the belief that everything is anti-Microsoft that you cannot even see people being sarcastic about anything not Microsoft!

  2. Re:Does this count? by inertia187 · · Score: 5, Insightful

    I don't think the IPv6 install is the default. Even if it is, 'it's just a crash' not a remote hole. So, yes they can still boast.

    --
    A programmer is a machine for converting coffee into code.
  3. Re:Oh wow by lxs · · Score: 4, Insightful

    I'd rather have a box crashed than a box rooted. But maybe I'm just funny that way.

  4. Re:Does this count? by timeOday · · Score: 3, Insightful
    Guess it depends on how you define "hole."

    Personally I don't like random people crashing my servers, so I'd call it a hole!

  5. It's called selective quoting by Flower · · Score: 5, Insightful
    Without seeing Theo's complete statement you can't tell if the statement is dismissive (something I find difficult to believe) or if it is qualifying - i.e. the exploit only produces a crash.

    Fwiw, I wouldn't go into riot mode over four monosyllable words taken out of context be it from MS or OBSD. Of course, this is /. and that nice little blurb will most certainly cause a lot of banner hits as people will just have to comment. I can personally attest to 3 to get this post up.

    --
    I don't want knowledge. I want certainty. - Law, David Bowie
  6. "Crash" vs. "Root Exploit" by billstewart · · Score: 4, Insightful
    Yes, it's disturbing, but only because it happened, not because Theo's clueless. But the point of such a comment is that "It's NOT a root exploit". By contrast, with Microsoft, major exploits happen Too Frequently and crashes happen too often to bother reporting.

    A non-serious cracker might have fun taking down OpenBSD a few times with an exploit like this. A more serious cracker would do this to try to convince some number of systems to stop running the most secure OS that's reasonably available and replace it with more vulnerable systems that aren't getting spanked a lot.

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
  7. Re:Maybe time to drop this "securitier than thou" by ScottSpeaks! · · Score: 5, Insightful

    I'd find the OpenBSD crew's haughty "more secure than thou" attitude a lot more annoying if it weren't for the fact that their track record actually justifies it. The fact that you can still count the number of remote exploits using a two-bit register is pretty impressive.

  8. Re:Maybe time to drop this "securitier than thou" by Richard_at_work · · Score: 4, Insightful

    yes, when I saw this and noticed people commenting on the "Securer than tho" stance taken, my immediate thought was

    "Hmm, well if we have gotten to the point where people have to roll their own net stack or patch a kernel to bring an issue to the for, then hasnt hte OpenBSD project succeeded in its goal?"

  9. Track record by AvantLegion · · Score: 5, Insightful
    I'm thinking that if someone from Microsoft stated "It's just a crash" the editors here would be just a touch more sarcastic...

    The day Microsoft has half the kind of security track record as OpenBSD, they'll be cut some slack.

    OpenBSD had earned a little slack. MS still has a long way to go in system security/stability before they deserve the same treatment.

  10. Re:Oh wow by Nimrangul · · Score: 5, Insightful

    What crackpipe have you been using? It must greatly enhance the smoking experience. The funding was not pulled "pulled moments before it was to be paid," the funds were already greatly used. There was about three months left before the funding from POSSE was ended. Theo does not seem like an ass to me, he does instead seem like someone that dismisses stupid shit that random people say because he has better things to do.

    --
    I'm sick of following my dreams - I'm just going to ask them where they're going and hook up with them later.
  11. Why does "remote hole" == elevation of privilege? by xswl0931 · · Score: 5, Insightful

    A "remote hole" doesn't have to just be obtaining root access. Being able to remotely crash a server is almost as bad. So no, they cannot boast.

  12. Just a crash.. by fven · · Score: 4, Insightful

    As a sysadmin of a college network, "just a crash" *really* helped me.

    I replaced all firewalls with OpenBSD filtering bridges. One rather persistent script kiddie (unfortuneately a legitimite $luser on the network) decided to send a few malformed packets here, there and everywhere. One of these crashed the filtering bridge at the edge of that particular subnet.

    Immediately no packets enter or leave that subnet and I get about 40 phone calls "the internet is broken / my session crashed..." and go and deal with it.

    Just a crash, saved several boxes. By contrast, accessible linux machines, privelege escalation - root exploit. All over.

    Now if only the average windows box would *only* bluescreen in response to being cracked/ infection with the latest...rather than sending mal packets everywhere. Then infection would be self limiting and the world would be a better place.