Mail Archives: cygwin/1997/11/07/22:57:58
On Fri, 7 Nov 1997, Tim Iverson wrote:
> Just to keep everyone from getting too scared, this really would only matter
> for secure sites with multiple users -- that particular sequence is a
> nonsense instruction. The only folks using it would be those deliberately
> wanting to bring the system down.
Well, I'd consider it a pretty big bug, especially because anybody can run
it, if they can run binary files. For instance, if my ISP used a P5 for
their mail server, I could use procmail to freeze it, forcing some sort of
[expensive] intervention. Or, trojan horses *yikes*. I can see it now.
warez4free.exe... If NTFS partitions could be mounted async (or damaged
similarly from a power cycle without proper shut down), problems could
arise. The only people really exploiting the NetBIOS OOB bug would be
people trying to down a system too.. (didn't stop many people) :/
> Here it is decoded: lock cmpxchg8b eax
>
> BTW, I haven't tested it, so I don't know if this is even true. It should
> generate an illegal instruction exception, since the operand needs to be a
> memory reference.
Yes, it worked for me, all too well (not tested under 95). There was a
small rumor circulating on the FreeBSD-Current list that CPUs with >=12
stepping and 0x52c ids would be immune (doesn't seem to be true, for me).
gcc compiled the code (that I got my hands on) flawlessly, spitting out
only a warning.
- alex
-
For help on using this list (especially unsubscribing), send a message to
"gnu-win32-request AT cygnus DOT com" with one line of text: "help".