Bugtraq mailing list archives
Re: IBM AIX Packet Filter module
From: troy () AUSTIN IBM COM (Troy A. Bollinger)
Date: Tue, 26 Oct 1999 13:47:40 -0500
Quoting Brumbles (brummie () SECURE I1 NET):
I have tried unsuccessfully to get any response from IBM on the following, apparently unless you have a support contract you cant report bugs.. (well.. you can.. "Program Services", but thats a link to /dev/null apparently.)
You can always send new AIX vulnerabilities to the security-alert () austin ibm com mail address.
AixLevel AIX4.3.2 Packet Filtering Module, in particular the command genfilt does not allow the addition of filters with port numbers greater than 32767
I've opened defect 289790 to address this. It appears to be caused by using a "short" instead of an "unsigned short" for the port number. -- Troy Bollinger troy () austin ibm com AIX Security Development security-alert () austin ibm com PGP keyid: 1024/0xB7783129 Troy's opinions are not IBM policy
Current thread:
- Local user can send forged packets Marc SCHAEFER (Oct 22)
- Re: Local user can send forged packets Pavel Kankovsky (Oct 23)
- IBM AIX Packet Filter module Brumbles (Oct 25)
- Re: IBM AIX Packet Filter module Troy A. Bollinger (Oct 26)
- Re: IBM AIX Packet Filter module (followup) Brumbles (Oct 27)
- IBM AIX Packet Filter module Brumbles (Oct 25)
- Re: Local user can send forged packets Alan Cox (Oct 25)
- Re: Local user can send forged packets Solar Designer (Oct 27)
- Re: Local user can send forged packets Pavel Kankovsky (Oct 23)
- SuSE Security Announcement - ypserv Marc Heuse (Oct 24)
- password leak in IBM WebSphere / HTTP Server / ikeyman Major Malfunction (Oct 24)