Re: mSQL vulnerabilities

Stacey Son (sson@ISERVER.COM)
Mon, 28 Jul 1997 20:29:44 -0600

Hi,

While fixing up all the buffer overrun problems in mSQL here is
another patch to fix the following quick and dirty DOS attack:

(1) telnet <your_favorite_msql_server> 1114
(2) type ^C (control C)

I have found this causes the server to dump and go away.

The patch (for version 2.0.1):

*** net.c.orig Mon Jul 28 14:19:30 1997
--- net.c Mon Jul 28 14:20:50 1997
***************
*** 120,127 ****
int fd;
{
u_char buf[4];
! int len,
! remain,
offset,
numBytes;

--- 120,127 ----
int fd;
{
u_char buf[4];
! u_int len;
! int remain,
offset,
numBytes;

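Review bot: changing `len` to `u_int` in the declarations at line 123 fixes the sign of the length but puts no limit on it, so a value that used to be negative is now a very large unsigned one, and nothing in the visible lines caps it. Please confirm that the function rejects a `len` larger than the packet buffer before it is used, or add that check in this patch. Note also that `remain`, `offset` and `numBytes` stay `int`, so any later assignment or comparison between `len` and `remain` now mixes signed and unsigned operands and should be checked for implicit conversions. A short comment next to `u_int len;` saying why it is unsigned would keep the change from being reverted later.
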
Regards,

stacey@iserver.com
http://www.iserver.com
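
Why the type of a wire-supplied length matters, as an added example that is not part of the original message and is not mSQL's code. It assumes a 4-byte little-endian length header, a hypothetical buffer limit `PKT_MAX`, and a reader whose only validation is an upper-bound test; the sample headers are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define PKT_MAX 4096u   /* hypothetical buffer size, not taken from mSQL */

/* Decode a 4-byte length header; little-endian order is an assumption. */
static uint32_t decode_len(const unsigned char hdr[4])
{
    return (uint32_t)hdr[0] | ((uint32_t)hdr[1] << 8) |
           ((uint32_t)hdr[2] << 16) | ((uint32_t)hdr[3] << 24);
}

/* Signed length, upper-bound test only: a header with the top bit set
 * decodes to a negative number (two's complement targets) and is accepted.
 * Returns 1 when the length passes validation. */
int accept_signed(const unsigned char hdr[4])
{
    int32_t len = (int32_t)decode_len(hdr);
    return len <= (int32_t)PKT_MAX;
}

/* Unsigned length, same test: the same header is now far above the limit
 * and is rejected. The bound check is still what does the rejecting. */
int accept_unsigned(const unsigned char hdr[4])
{
    uint32_t len = decode_len(hdr);
    return len <= PKT_MAX;
}

/* Constructed sample headers. */
const unsigned char HDR_OK[4]   = {0x10, 0x00, 0x00, 0x00}; /* 16 bytes   */
const unsigned char HDR_BIG[4]  = {0x00, 0x00, 0x01, 0x00}; /* 65536      */
const unsigned char HDR_HIGH[4] = {0xff, 0xff, 0xff, 0xff}; /* top bit set */

int main(void)
{
    const unsigned char *h[] = {HDR_OK, HDR_BIG, HDR_HIGH};
    const char *name[] = {"ok", "big", "high-bit"};
    for (int i = 0; i < 3; i++)
        printf("%-8s signed=%d unsigned=%d\n", name[i],
               accept_signed(h[i]), accept_unsigned(h[i]));
    return 0;
}
```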