Bugtraq mailing list archives

Re: Urgent !! Serious Linux Security Bug....

From: coxa () cableol net (Alan Cox)
Date: Mon, 21 Oct 1996 09:26:04 +0100

On the Linux machine, you need to be running kernel version 2.0.7(It's
the
lowest we run) up to version 2.0.20(The highest we're running).


Actually, I'm running 2.1.1 and it works on that as well...


It seems to work rather nicely on Digital Unix (some revisions), AIX,
Linux 2.0.x and Linux 2.1.x - has anyone tried it on NT ?

Ironically its a well known problem that is tested by the ip_send tool. It
just happened that the test tool I used didnt construct a packet with
a useful IP protocol field and it thus never hit the layer of
code that can't handle forged big packets.

As well as the patch quoted there is a slightly newer revision that
also happens to log who tried to blow up your computer.

Alan

Current thread:

Re: Urgent !! Serious Linux Security Bug.... James Cisco (Oct 19)
- Re: Urgent !! Serious Linux Security Bug.... Alan Cox (Oct 21)
  - Re: Urgent !! Serious Linux Security Bug.... Brian Clapper (Oct 21)
  - Re: Urgent !! Serious Linux Security Bug.... Chris Townsend (Oct 21)
- What about smbmount? (was: [linux-security] ncpmount/ncpumount) Kristian Köhntopp (Oct 21)
  - Re: What about smbmount? (was: [linux-security] Erki Simson (Oct 21)
- <Possible follow-ups>
- Re: Urgent !! Serious Linux Security Bug.... Jason T. Luttgens (Oct 20)
  - Re: Urgent !! Serious Linux Security Bug.... Henrik P Johnson (Oct 21)
    - Re: Urgent !! Serious Linux Security Bug.... Keith Bower (Oct 21)
    - Re: Urgent !! Serious Linux Security Bug.... Marc MERLIN (Oct 21)
    - Re: Urgent !! Serious Linux Security Bug.... Stefanita Valeriu Vilcu (Oct 22)
    - Re: Urgent !! Serious Linux Security Bug.... Jon Lewis (Oct 22)

(Thread continues...)