Bugtraq mailing list archives

Re: Linux IP fragment overlap bug

From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Fri, 14 Nov 1997 22:52:31 -0500


At 07:01 PM 11/14/97 +0300, Vadim Kolontsov wrote:

Hi,

On Thu, Nov 13, 1997 at 10:06:15PM -0800, G P R wrote:

    Oh, by the way, NT/95 appear to have the bug also.  Try sending 10 -

15 of

these fragment combos to an NT/95 machine.

 This bug doesn't fixed by Service Pack #3, but it seems like SP3 +
"simply-tcp" patch fixes this bug (thanks for Serge Solopov, serj () portal ru).
It's funny -  'simply-tcp' was intended to fix another bug (see below).


It may be the previous icmp-fix (ssping) that fixes the problem.  Oddly
enough, NT with no patches at all isn't vulnerable to this.  I haven't
quite sorted out exactly where the problem starts and stops, but I do know
no patches and full patches aren't bothered by it.


David LeBlanc           |Why would you want to have your desktop user,
dleblanc () mindspring com |your mere mortals, messing around with a 32-bit
                        |minicomputer-class computing environment?
                        |Scott McNealy

Current thread:

X Security problem (?), (continued)
- - - X Security problem (?) Carlo Wood (Nov 13)
    - Re: X Security problem (?) Matthias Buelow (Nov 14)
    - Re: X Security problem (?) Scott Moseman (Nov 14)
    - digital unix 4.0 hole John McDonald (Nov 14)
    - What to do when you forget your cisco LD password... Dustin Sallings (Nov 13)
    - Re: What to do when you forget your cisco LD password... John Bashinski (Nov 14)
    - Re: Safe /tmp cleanup Erik Troan (Nov 13)
    - Linux IP fragment overlap bug G P R (Nov 13)
    - Re: Linux IP fragment overlap bug Alan Cox (Nov 14)
    - Re: Linux IP fragment overlap bug Vadim Kolontsov (Nov 14)
    - Re: Linux IP fragment overlap bug David LeBlanc (Nov 14)
    - Re: Linux IP fragment overlap bug Morbid Dead Guy (Nov 16)
    - Windows 95 IP Fragmentation Bug Fix? Aleph One (Nov 17)
    - The Linux patch. G P R (Nov 14)
    - The overlapping fragment bug Alan Cox (Nov 14)
    - Re: The overlapping fragment bug Philippe Strauss (Nov 14)
    - Re: The overlapping fragment bug G P R (Nov 15)
    - Pentium processor invalid instruction erratum Aleph One (Nov 14)
    - Software backgrounder Aleph One (Nov 14)
    - BSDI patch for Pentium workaround has problems Charles M. Hannum (Nov 14)
    - Re: L0pht Advisory: IE4.0 David LeBlanc (Nov 10)

(Thread continues...)