Bugtraq mailing list archives
Re: bind() Security Problems
From: Richard.Black () cl cam ac uk (Richard Black)
Date: Thu, 1 Feb 1996 11:49:33 +0000
Sigh, I am not on any of these security lists but I have just been forwarded this alert about bind(). This is a "feature" of IP Multicast support. I reported this bug in November 1993 on the IP Multicast workers mailing list, and directly to Steeve Deering. This feature was deliberately added to the (previously secure) BSD networking code by Steeve Deering (or at any rate one of the IP multicast people working with him) in 1992 or 1993 because of the way that IP Multicast works. Since IP multicast uses UDP all the recipients of a multicast session world wide must be using the same UDP port number. Since global agreement on free port numbers is not practical it was made possible for an application to get access to a particular UDP port irrespective of its use elsewhere on the same machine. Most vendors (e.g. Digital Unix) have not accepted this hole and only permit sharing of the same port when ALL of the sockets involved have SO_REUSEADDR set. This works reasonably well in practice since port numbers chosen for multicast sessions are above the range normally cyclicly allocated to other applications. I have not been following IP multicast implementation work so I have no idea at what stage (or even whether) this fix was adopted. ----- Richard Black (usual disclaimers) University of Cambridge Computer Laboratory Cambridge United Kingdom
Current thread:
- Re: bind() Security Problems Richard Black (Feb 01)
- Re: bind() Security Problems dsiebert () icaen uiowa edu (Feb 01)
- Re: bind() Security Problems General Scirocco (Feb 01)
- Re: bind() Security Problems Baba Z Buehler (Feb 05)
- passwd command in AIX 4.1.4 Dave Roberts (Feb 05)
- Re: passwd command in AIX 4.1.4 Chris Burris (Feb 05)
- Re: passwd command in AIX 4.1.4 JaDe (Feb 05)
- CGI security: Escape newlines. Jennifer Myers (Feb 05)
- Re: CGI security: Escape newlines. Dave Andersen (Feb 05)
- Re: CGI security: Escape newlines. Fred Cohen (Feb 06)
- [Fwd: HTTPd 1.5a Security Hole!!! (fwd)] Rogue Agent (Feb 06)
- Re: bind() Security Problems General Scirocco (Feb 01)
- Re: bind() Security Problems dsiebert () icaen uiowa edu (Feb 01)