On Fri, Feb 01, 2002 at 09:28:43PM +0100, Gregor Binder wrote:
William D. Colburn (aka Schlake) on Fri, Feb 01, 2002 at 12:58:57PM -0700:
Normally I would disclose the crash to the list, but if no fix will be forthcoming I am afraid too let other people know how to down a server.
I strongly suggest you publish this problem to this list, or, if it is relevant enough, to the security-lists (vuln-dev, bugtraq, whatever you see fits).
My turn to agree with Gregor. Also I should mention that this may not even be a vulnerability. Talk to us, discuss what you see happening. Denial of service problems usually exist with every service on every IP network - maybe it's something like that. Maybe the problem can be patched by a casual C hacker and can be fixed on this list immediately, even if Balazs isn't around. Share with us. -- Nate Campi "Usenet isn't a right. It's a right, a left, and a swift uppercut to the jaw." -Computer Museum (Boston)