Hi, CERN and other institutes are currently attacked from 130.237.48.109 (sul.e.kth.se) By scanning port 7001 and sending malicious packets the attacker was able to crash AFS servers. Reports have shown that at least Solaris 5.6 and 5.7 machines and AIX 4.3.3 machines are affected, but probably that are not the only platforms.
We reccommend to take appropriate mesures against this attack (at least blocking the originating site) Best regards Wolfgang Friebel PS: Below I do copy the information I obtained from Benoit Delaunay --------------------------------------------------------------------- Date: Thu, 06 Jun 2002 13:57:48 +0200 (MET DST) From: Benoit Delaunay <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] To provide further information, it is the client part (the AFS cache manager) which is subject to this vulnerability. The cache manager is usually running on the AFS server machines and is responsible for the crash. We experienced many crashes this morning on both AFS client machines and AFS servers. The versions of AFS involved in our sad experience were 3.6 build 2.5 (patch1) and 3.6 build 2.26 (patch3). Regards, B. DELAUNAY _______________________________________________ OpenAFS-info mailing list [EMAIL PROTECTED] https://lists.openafs.org/mailman/listinfo/openafs-info
