Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)

To: Phillip Vandry <vandry@Mlink.NET>
Subject: Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)
From: Joe Shaw <jshaw@insync.net>
Date: Tue, 17 Mar 1998 09:57:25 -0600 (CST)
cc: ascend-users@bungi.com
In-Reply-To: <199803171519.KAA21258@Iodine.Mlink.NET>
Sender: owner-ascend-users@max.bungi.com

The only problem I had with this attack was that I didn't run it as root
the first time so I didn't have access to the sockets.  However, a quick
su - had me rebooting a fiew peices of gear from pipelines to maxen.

I compiled it on an x86 linux 2.0.33 box with gcc with no problems.

Regards,
Joe Shaw - jshaw@insync.net
NetAdmin - Insync Internet Services

On Tue, 17 Mar 1998, Phillip Vandry wrote:

> > 01. Ascend Kill II - C version
> > 02. Ascend Kill II - Ballista "cape" version
> > 03. SNI-26: Ascend Router Security Issues
> 
> Well, I tried this on a Pipeline, and the Pipe seemed unaffected. So,
> noticing that the code does not set a valid UDP checksum, I turned off
> UDP checksums on the Pipeline and tried it again. Still no effect.
> 
> So I tried it on a Max 4048. Still no effect.
> 
> Has anyone been able to use this attack successfully?
> 
> Have I compiled it wrong?
> 
> -Phil

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Follow-Ups:

Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)

From: Jeremy Bouse <undrgrid@undergrid.net>

References:

Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)

From: Phillip Vandry <vandry@Mlink.NET>

Prev by Date: (ASCEND) Configuring Your filter(Revised)(PipeX)
Next by Date: Re: (ASCEND) Malfunction :(
Prev by thread: Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)
Next by thread: Re: (ASCEND) [rootshell] Security Bulletin #16 (fwd)
Index(es):
- Main
- Thread