Bugtraq mailing list archives
Re: Linux IP fragment overlap bug
From: bingm () STREAM CSIS GVSU EDU (Morbid Dead Guy)
Date: Sun, 16 Nov 1997 14:29:40 -0500
It may be the previous icmp-fix (ssping) that fixes the problem. Oddly enough, NT with no patches at all isn't vulnerable to this. I haven't quite sorted out exactly where the problem starts and stops, but I do know no patches and full patches aren't bothered by it.
This may not be completely true. I've reproduced the attack against an NT Server 4.0 without any patches. I expected a blue-screen ala OOB attack, but instead the machine just locked. On two different Linux machines (2.0.0 and 2.0.31), the attack caused a reboot. -matt- http://rainbow.csis.gvsu.edu/electric pgp:finger bingm () bass csis gvsu edu mailto:bingm () csis gvsu edu
Current thread:
- Re: X Security problem (?), (continued)
- Re: X Security problem (?) Matthias Buelow (Nov 14)
- Re: X Security problem (?) Scott Moseman (Nov 14)
- digital unix 4.0 hole John McDonald (Nov 14)
- What to do when you forget your cisco LD password... Dustin Sallings (Nov 13)
- Re: What to do when you forget your cisco LD password... John Bashinski (Nov 14)
- Re: Safe /tmp cleanup Erik Troan (Nov 13)
- Linux IP fragment overlap bug G P R (Nov 13)
- Re: Linux IP fragment overlap bug Alan Cox (Nov 14)
- Re: Linux IP fragment overlap bug Vadim Kolontsov (Nov 14)
- Re: Linux IP fragment overlap bug David LeBlanc (Nov 14)
- Re: Linux IP fragment overlap bug Morbid Dead Guy (Nov 16)
- Windows 95 IP Fragmentation Bug Fix? Aleph One (Nov 17)
- The Linux patch. G P R (Nov 14)
- The overlapping fragment bug Alan Cox (Nov 14)
- Re: The overlapping fragment bug Philippe Strauss (Nov 14)
- Re: The overlapping fragment bug G P R (Nov 15)
- Pentium processor invalid instruction erratum Aleph One (Nov 14)
- Software backgrounder Aleph One (Nov 14)
- BSDI patch for Pentium workaround has problems Charles M. Hannum (Nov 14)
- Re: L0pht Advisory: IE4.0 David LeBlanc (Nov 10)
- Re: L0pht Advisory: IE4.0 rene () NS VIA NL (Nov 11)