Bugtraq mailing list archives

Re: Urgent !! Serious Linux Security Bug....


From: dlarmee () richmond infi net (don larmee)
Date: Tue, 22 Oct 1996 09:39:51 -0400


The AIX 4.1.4 release is susceptible and 3.2.5 is not.  IBM was aware of the
problem with large packets, and a PTF for bos.tcp.client.4.1.4.18 is
available.  The latest APAR number for TCP and security fixes is U445555.
Apply this fix and the vulnerability goes away.


Here is some more contradictory information for everyone.  Yesterday I wrote
that my AIX 3.2.5 (Token Ring) seemed to ignore the ping.  Well, as it turns
out, about 2 hours after I sent the ping, the system crashed.  The
/var/tmp/snmpd.log file shows an 'EXCEPTION: read of "union sockaddr_un" from
kmem failed', and then a zillion 'EXCEPTION: read if "struct ifaddr" from
kmem failed' entries filling up the rest of the log until the system finally
died.



+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
 Donald H. Larmee                      dlarmee () richmond infi net
 Senior Software Engineer
 Distributed Systems                   804.965.6115

          Health Communication Services ~ Trigon BC/BS
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+


