Users login

Create an account »


Users login

Home » Hacking News » FreeBSD Security Advisory - rwhod

FreeBSD Security Advisory - rwhod

by phiber on March 14th, 2001 Malformed packets sent to the rwhod daemon could cause it to crash, thereby denying service to clients if rwhod is not run under a watchdog process which causes it to automatically restart in the event of a failure. The rwhod daemon is not run in this way in the default invocation from /etc/rc.conf using the rwhod_enable variable.

All versions of FreeBSD 3.x and 4.x prior to the correction date including 3.5.1-RELEASE and 4.2-RELEASE are vulnerable to this problem, if they have been configued to run rwhod (this is not enabled by default).


Remote users can cause the rwhod daemon to crash, denying service to


Implement packet filtering at perimeter firewalls or on the local
machine using ipfw(8)/ipf(8) to prevent untrusted users from
connecting to the rwhod service. The rwhod daemon listens on UDP port
513 by default.


Upgrade your vulnerable FreeBSD system to 3.5-STABLE or 4.2-STABLE
after the respective correction dates.

To get a patch for your present system download the whole advisory and use the appropriate URL stated in the file.

Download this advisory

FreeBSD Security

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »