FreeBSD Security Advisory - rwhod

by phiber on March 14th, 2001

Malformed packets sent to the rwhod daemon could cause it to crash, thereby denying service to clients if rwhod is not run under a watchdog process which causes it to automatically restart in the event of a failure. The rwhod daemon is not run in this way in the default invocation from /etc/rc.conf using the rwhod_enable variable.

All versions of FreeBSD 3.x and 4.x prior to the correction date, including 3.5.1-RELEASE and 4.2-RELEASE, are vulnerable to this problem if they have been configured to run rwhod (this is not enabled by default).




Impact



Remote users can cause the rwhod daemon to crash, denying service to
clients.



Workaround



Implement packet filtering at perimeter firewalls or on the local
machine using ipfw(8)/ipf(8) to prevent untrusted users from
connecting to the rwhod service. The rwhod daemon listens on UDP port
513 by default.
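
One way to express this workaround with ipfw(8), as an added example that is not part of the advisory: a small sh helper that prints rules admitting rwhod traffic only from a trusted network. The function name, the rule numbers and the sample network 192.0.2.0/24 are assumptions.

```sh
#!/bin/sh
# Added example, not from the advisory: print ipfw(8) rules that limit
# inbound rwhod traffic (UDP port 513, per the advisory) to one network.

RWHOD_PORT=513

# rwhod_rules TRUSTED_NET [BASE_RULE_NUMBER]   (hypothetical helper)
# Prints one rule per line without the leading "ipfw", so the output can
# be reviewed first and then loaded from a file with: ipfw -q /path/to/file
rwhod_rules() {
    trusted="$1"
    base="${2:-1000}"    # assumed free slot in the local ruleset

    # Accept only digits, dots and a slash in the network argument, so
    # nothing unexpected ends up on a firewall command line.
    case "$trusted" in
        ''|*[!0-9./]*)
            echo "usage: rwhod_rules a.b.c.d/len [rule-number]" >&2
            return 1 ;;
    esac
    case "$base" in
        ''|*[!0-9]*)
            echo "rule number must be numeric" >&2
            return 1 ;;
    esac

    # Hosts on the trusted network may still reach rwhod.
    echo "add $base allow udp from $trusted to any $RWHOD_PORT in"
    # Everything else aimed at the port is dropped; "log" records the
    # match when ipfw logging is enabled on the system.
    echo "add $(($base + 10)) deny log udp from any to any $RWHOD_PORT in"
}

# Constructed usage (192.0.2.0/24 is a documentation network):
#   rwhod_rules 192.0.2.0/24 > /tmp/rwhod.rules
#   ipfw -q /tmp/rwhod.rules
```

UDP source addresses are not authenticated, so the perimeter firewall should also drop outside packets that claim an address inside the trusted network.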



Solution



Upgrade your vulnerable FreeBSD system to 3.5-STABLE or 4.2-STABLE
after the respective correction dates.



To get a patch for your present system, download the whole advisory and use the appropriate URL stated in the file.

