Bugtraq mailing list archives
Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Sun, 24 Jan 1999 00:40:33 +0000
2) Modify the kernel to not remove sockets from the accept(2) queue when they are closed. A change that implements this has been added to NetBSD-current, and is available at: ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/patches/19990120-accept
This method works well btw. Linux has always done this, (by happy chance). Im _amazed_ this bug exists. It was documented/abused/used/fixed in so many different places at different times even back in 1990/1991 or so Alan
Current thread:
- Re: Sendmail 8.8.x/8.9.x bugware, (continued)
- Re: Sendmail 8.8.x/8.9.x bugware Jens Hoffmann (Jan 16)
- Re: Sendmail 8.8.x/8.9.x bugware Alan Brown (Jan 17)
- Re: Sendmail 8.8.x/8.9.x bugware John Mizzi (Jan 17)
- Personal web server kiborg (Jan 17)
- Re: Personal web server Dave Pifke (Jan 18)
- Another web-based mail reader hole Dave Pifke (Jan 18)
- Re: Another web-based mail reader hole Peter van Dijk (Jan 19)
- Personal web server kiborg (Jan 17)
- Re: Sendmail 8.8.x/8.9.x bugware Michal Zalewski (Jan 18)
- Re: Sendmail 8.8.x/8.9.x bugware Jens Hoffmann (Jan 16)
- Re: Sendmail 8.8.x/8.9.x bugware Nic Bellamy (Jan 19)
- NetBSD Security Advisory 1999-001: select(2)/accept(2) race Luke Mewburn (Jan 20)
- Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race Alan Cox (Jan 23)
- Mirc 5.5 'DCC Server' hole Spikeman (Jan 24)
- Re: Mirc 5.5 'DCC Server' hole Sandro Jurado (Jan 26)
- Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race Casper Dik (Jan 25)
- Announcement: Wietse's FTP site has moved Wietse Venema (Jan 25)
- Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race Alan Cox (Jan 23)
- Re: Nobo and Netbuster Dos Flavio Veloso (Jan 21)