Bugtraq mailing list archives

Re: Linux IP fragment overlap bug


From: bingm () STREAM CSIS GVSU EDU (Morbid Dead Guy)
Date: Sun, 16 Nov 1997 14:29:40 -0500


It may be the previous icmp-fix (ssping) that fixes the problem.  Oddly
enough, NT with no patches at all isn't vulnerable to this.  I haven't
quite sorted out exactly where the problem starts and stops, but I do know
no patches and full patches aren't bothered by it.

This may not be completely true. I've reproduced the attack against an NT
Server 4.0 without any patches. I expected a blue-screen ala OOB attack,
but instead the machine just locked. On two different Linux machines
(2.0.0 and 2.0.31), the attack caused a reboot.

      -matt-

       http://rainbow.csis.gvsu.edu/electric
        pgp:finger bingm () bass csis gvsu edu
            mailto:bingm () csis gvsu edu



Current thread: