Bugtraq mailing list archives
Re: Linux IP fragment overlap bug
From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Fri, 14 Nov 1997 22:52:31 -0500
At 07:01 PM 11/14/97 +0300, Vadim Kolontsov wrote:
Hi,
On Thu, Nov 13, 1997 at 10:06:15PM -0800, G P R wrote:
Oh, by the way, NT/95 appear to have the bug also. Try sending 10 -
15 of
these fragment combos to an NT/95 machine.
This bug doesn't fixed by Service Pack #3, but it seems like SP3 + "simply-tcp" patch fixes this bug (thanks for Serge Solopov, serj () portal ru). It's funny - 'simply-tcp' was intended to fix another bug (see below).
It may be the previous icmp-fix (ssping) that fixes the problem. Oddly enough, NT with no patches at all isn't vulnerable to this. I haven't quite sorted out exactly where the problem starts and stops, but I do know no patches and full patches aren't bothered by it. David LeBlanc |Why would you want to have your desktop user, dleblanc () mindspring com |your mere mortals, messing around with a 32-bit |minicomputer-class computing environment? |Scott McNealy
Current thread:
- X Security problem (?), (continued)
- X Security problem (?) Carlo Wood (Nov 13)
- Re: X Security problem (?) Matthias Buelow (Nov 14)
- Re: X Security problem (?) Scott Moseman (Nov 14)
- digital unix 4.0 hole John McDonald (Nov 14)
- What to do when you forget your cisco LD password... Dustin Sallings (Nov 13)
- Re: What to do when you forget your cisco LD password... John Bashinski (Nov 14)
- Re: Safe /tmp cleanup Erik Troan (Nov 13)
- Linux IP fragment overlap bug G P R (Nov 13)
- Re: Linux IP fragment overlap bug Alan Cox (Nov 14)
- Re: Linux IP fragment overlap bug Vadim Kolontsov (Nov 14)
- Re: Linux IP fragment overlap bug David LeBlanc (Nov 14)
- Re: Linux IP fragment overlap bug Morbid Dead Guy (Nov 16)
- Windows 95 IP Fragmentation Bug Fix? Aleph One (Nov 17)
- The Linux patch. G P R (Nov 14)
- The overlapping fragment bug Alan Cox (Nov 14)
- Re: The overlapping fragment bug Philippe Strauss (Nov 14)
- Re: The overlapping fragment bug G P R (Nov 15)
- Pentium processor invalid instruction erratum Aleph One (Nov 14)
- Software backgrounder Aleph One (Nov 14)
- BSDI patch for Pentium workaround has problems Charles M. Hannum (Nov 14)
- Re: L0pht Advisory: IE4.0 David LeBlanc (Nov 10)