Bugtraq mailing list archives

Re: Ipchains!

From: paul () CARLUCCI NET (Paul D. Carlucci)
Date: Thu, 11 May 2000 01:23:20 -0400


    Wacky, I was unable to reproduce this.  I've got Slack 4.0 with 2.2.11 +
international crypto goodies, and ipchains 1.3.8.  I was unable to reproduce
this.  I let this run for about 15 minutes and nothing bad happened.

Here's some stuff about my box:

<snip>
REJECT     udp  ----l-  0.0.0.0/0             0.0.0.0/0             * ->  !1024:

65535
REJECT     tcp  -y--l-  0.0.0.0/0             0.0.0.0/0             * ->  !1024:

65535
Chain forward (policy ACCEPT):
target     prot opt     source                destination           ports
MASQ       tcp  ------  192.168.0.0/16        0.0.0.0/0             * ->   *
MASQ       udp  ------  192.168.0.0/16        0.0.0.0/0             * ->   *
MASQ       icmp ------  192.168.0.0/16        0.0.0.0/0             * ->   *
Chain output (policy ACCEPT):
gargoyle:~# uname -a
Linux gargoyle 2.2.11 #6 Tue Sep 28 18:49:31 EDT 1999 i586 unknown
gargoyle:~# ipchains --version
ipchains 1.3.8, 27-Oct-1998
gargoyle:~# uptime
  1:34am  up 26 days, 21:44,  3 users,  load average: 2.56, 2.32, 1.38
gargoyle:~#

Dimuthu Parussalla wrote:

Ipchains buffer overflow with debian 2.2.10 Kernel.
--------------------------------------------------

there is a buffer overflow hang in linux debian distributin kernel 2.2.10
with ipchains 1.3.8, 27-Oct-1998.

here is the explanation.

We tested with a linux running with debian above version of kernel  and
ipchains. first we setup the linux box to handle IP Masquerading as follows.

ipchains -A forward -j MASQ -s 192.168.0.0/16

Then from a local workstation within the 192.168.0.0 network. We ssh to the
linux box. and did the following

$ping -f <ip.address>

And we opend a another ssh session to the linux box and did the following

$ping -l 6512121 <ip.address>

After a few minutes. Ipchains hangs and the linux server hangs..

Ipchains-patch.gz will fix the problem.

----------------------
THE UNDERTAKER -> EFNET -> REAL CRACKING

!!!REST IN PACE!!!!

Current thread:

Re: Windows NT/95/98/Possible Others Denial of Service Attack. Mi crosoft ODBC Database connectivity flaw. Daniel Docekal (May 01)
- SuSE Security Announcement - aaa_base - UPDATE Marc Heuse (May 02)
  - Race condition in "rm -r" Morten Welinder (May 03)
    - Re: Race condition in "rm -r" Glynn Clements (May 06)
    - Re: Race condition in "rm -r" David Brownlee (May 07)
    - Re: Race condition in "rm -r" Glynn Clements (May 07)
    - Re: Race condition in "rm -r" David Brownlee (May 08)
    - Re: Race condition in "rm -r" Alex Belits (May 07)
    - Re: Race condition in "rm -r" Glynn Clements (May 07)
    - Ipchains! Dimuthu Parussalla (May 07)
    - Re: Ipchains! Paul D. Carlucci (May 10)
    - Prevent Current and Future E-Mail Worms AXENT Security Team (May 12)
    - Cisco Security Advisory: Cisco IOS HTTP Server Vulnerability Cisco Systems Product Security Incident Response Team (May 15)
    - Contemplations : Melissa, I love you - not! Cerberus Security Team (May 08)
    - June 2000 FIRST Conference Reminder Roger Safian (May 08)
  - Re: SuSE Security Announcement - aaa_base - UPDATE Jeremy Rauch (May 03)
- Re: Windows NT/95/98/Possible Others Denial of Service Attack. Microsoft ODBC Database connectivity flaw. Jeff Dafoe (May 02)