Re: Security Alert: IP Fragments of Death (fwd)

B. James Phillippe (bryan@Terran.ORG)
Fri, 14 Nov 1997 23:45:35 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Stephan Meyer: "msr again - proc/tasks"
Previous message: Rogier Wolff: "Re: Suggestion for Pentium Error Stress Testing"

On Sat, 15 Nov 1997, Matthew Kirkwood wrote:

> Hi,
>
> I've heard some bad things about a box killing exploit that
> relies on a kernel buffer overrun in ip_fraqment.c, and that
> the appended patch is in 2.0.32-pre4.
>
> If these nasty rumours are true, could an equivalent make it
> into 2.1.65?

Hi Matthew,

I believe the problem you are referring to was fixed in 2.1.63 of
the development kernels. I hear that a patch for 2.0 will make it into
2.0.32. The fix that I saw posted was different than the one attached
with your email, however.

thanks,
-bp

--
B. James Phillippe <bryan@Terran.ORG>
UNIX, Linux, networks, C, Perl, Java, etc.

Next message: Stephan Meyer: "msr again - proc/tasks"
Previous message: Rogier Wolff: "Re: Suggestion for Pentium Error Stress Testing"