Bugtraq mailing list archives
Livingston bugs...
From: elfchief () lupine org (Jay 'Whip' Grizzard)
Date: Tue, 12 Sep 1995 10:58:01 -0700
I saw the "pmcrash" program, but I never saw the commentary on it that was supposedly sent before the exploit was sent. Anyone know the details of how it works? (other than the obvious explenation provided by reading the source...) I talked to livingston via email, they indicated that this problem has already been fixed for the "portmaster" products, but that for other products (the IRX routers, etc), a fix would be present in _the next major release of the software_. Given that livingston has just done a major release of their software, I wonder how long it's going to be until I can get fixed software. I, personally, can't understand such a passive attitude on the part of Livingston -- I personally would call a bug where you can crash virtually anyone's network connection, from virtually anywhere in the world, to be a major bug. Maybe it's just me... ObBugTraq: Apparently (at least, under limited testing), putting up a filter to prevent folks from getting to your login port from the outside world will protect you -- Except I don't _want_ to have to start filtering things out, and in some circuimstances (backbone routers, etc), it's not exactly a viable option. Do YOU want to have the bandwith of several T1's all running through a filter before they get off the router? No, thanks... Sigh. McDonalds looks more and more tempting as a place of employment... -WW
Current thread:
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995, (continued)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 der Mouse (Aug 31)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Tim Scanlon (Sep 02)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Slava Kritov (Sep 05)
- Discovery: Gain access to root on Linux via NIS Ken Weaverling (Sep 05)
- Re: Discovery: Gain access to root on Linux via NIS Alan Hannan (Sep 07)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Neil Woods (Sep 04)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 System Administrator (Sep 11)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Neil Woods (Sep 12)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Karl Strickland (Sep 13)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 System Administrator (Sep 14)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 System Administrator (Sep 11)
- Livingston bugs... Jay 'Whip' Grizzard (Sep 12)
- Re: Livingston bugs... Phillip Moore (Sep 12)
- Re: Livingston bugs... Dave Andersen (Sep 12)
- Re: Livingston bugs... Mike A Lyons (Sep 12)
- LACC Julian Assange (Sep 13)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Charles Sumner (Sep 14)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Goetz von Escher (Sep 18)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Doug Hughes (Sep 18)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Scott Barman (Sep 18)
- Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 Karl Strickland (Sep 18)
- Netscape SSL implementation cracked! (fwd) sameer (Sep 18)