Bugtraq mailing list archives
host unreach bug (was:Re: UnixWare)
From: ccdes () ccdes princeton nj us (Carl Corey)
Date: Thu, 28 Apr 1994 09:36:05 -0500
Item: Many older systems, and at least one quite recent Ultrix version, are vulnerable to a denial-of-service attack that is often duplicated without malicious intent by firewalls: on receiving a single host unreachable, they summarily shut down all connections to that host; some may also do this for net unreachables, but I don't know.
I believe this was fixed in 4.3 - as when I was trying out tcpwrapper I did whatever test they gave to find out if the bug existed, and it seemed to be fixed.

Ok, just read this from Wietse:

The bug is that the kernel doesn't pay attention to the port numbers of the ICMP UNREACH and therefore nukes all connections between the hosts. The bug is present in the NET/1 distributions but fixed in NET/2. It is present in Ultrix 4.3 but fixed with CXO-8919.

I believe that we were running Ultrix 4.3a, which most likely included the patch.
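As an added illustration (not code from the post, from Wietse, or from any BSD or Ultrix source), the two matching rules the message contrasts, run over a constructed ICMP host-unreachable message and a constructed connection table: the NET/1-style rule keys on the remote host alone, the NET/2-style rule on the full address/port 4-tuple quoted in the ICMP payload. The packet layout follows RFC 792; all addresses, ports and connections below are made up for the example.

```python
import struct
from socket import inet_aton, inet_ntoa

ICMP_DEST_UNREACH = 3   # RFC 792 message type
CODE_HOST_UNREACH = 1   # RFC 792 code for "host unreachable"

def build_unreach(code, src, dst, sport, dport):
    """Constructed sample: 8-byte ICMP header followed by the quoted IP header
    and first 8 bytes of our TCP segment (RFC 792). Checksums left at zero."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 6, 0,
                     inet_aton(src), inet_aton(dst))
    tcp8 = struct.pack("!HHI", sport, dport, 0)   # ports + sequence number
    return struct.pack("!BBHI", ICMP_DEST_UNREACH, code, 0, 0) + ip + tcp8

def parse_unreach(icmp):
    """Return (code, src, dst, sport, dport) recovered from the quoted TCP
    datagram, or None if the message is not about one of our TCP segments."""
    if len(icmp) < 28 or icmp[0] != ICMP_DEST_UNREACH:
        return None
    inner = icmp[8:]                        # the quoted original datagram
    ihl = (inner[0] & 0x0F) * 4
    if inner[9] != 6 or len(inner) < ihl + 4:   # must quote a TCP segment
        return None
    sport, dport = struct.unpack("!HH", inner[ihl:ihl + 4])
    return icmp[1], inet_ntoa(inner[12:16]), inet_ntoa(inner[16:20]), sport, dport

# A connection is (local addr, local port, foreign addr, foreign port).
def affected_net1(conns, icmp):
    """NET/1 behaviour described in the post: the kernel matches on the remote
    host alone, so every connection to that host is torn down."""
    p = parse_unreach(icmp)
    return [] if p is None else [c for c in conns if c[2] == p[2]]

def affected_net2(conns, icmp):
    """NET/2 behaviour: match the full 4-tuple. We sent the quoted datagram, so
    its source is our local end and its destination the remote end."""
    p = parse_unreach(icmp)
    if p is None:
        return []
    _, src, dst, sport, dport = p
    return [c for c in conns if c == (src, sport, dst, dport)]

# Constructed connection table: two sessions to 192.0.2.7 and one elsewhere.
CONNS = [("10.0.0.5", 40001, "192.0.2.7", 80),
         ("10.0.0.5", 40002, "192.0.2.7", 23),
         ("10.0.0.5", 40003, "198.51.100.9", 25)]
SAMPLE = build_unreach(CODE_HOST_UNREACH, "10.0.0.5", "192.0.2.7", 40001, 80)
```

RFC 1122 (section 4.2.3.9) goes further and classes host unreachable as a soft error that must not abort an established connection, so a current stack would keep even the matching connection; the block only isolates the port-matching point the post makes.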