Bugtraq mailing list archives

Linux +ipchains+ ping -R

From: atodosic () UBISOFT QC CA (Andrej Todosic)
Date: Thu, 22 Jul 1999 10:34:17 -0400


Hello ,

i am not quite sure if this has been discussed or if htere is a fix already
but i d still like to mention it.

linux firewall setup 2.2.5 or 2.2.10 and ipchains + Nat + advanced router

if you are less than nine hops away from it ping -R and ( assuming the fw
lets the packets go through ) you get a kernel panic .

You cant go wrong . i tried it on more than one firewall and more than one
kernel.

PS if you are testing it do make sure you are not going through the fw for a
connection ( which how i screwed myself up and left the ping -R in the
background )

Andrej

Current thread:

Shared memory DoS's Mike Perry (Jul 14)
- Re: Shared memory DoS's Dustin Marquess (Jul 15)
- Re: Shared memory DoS's (Redhat retraction) Mike Perry (Jul 15)
  - Re: Shared memory DoS's (Redhat retraction) Jim Dennis (Jul 19)
  - Linux +ipchains+ ping -R Andrej Todosic (Jul 22)
    - Re: Linux +ipchains+ ping -R Scott (Jul 23)
    - Update to Microsoft Security Bulletin (MS99-025) aleph1 () UNDERGROUND ORG (Jul 23)
  - Re: Shared memory DoS's (Redhat retraction) Wietse Venema (Jul 22)
  - Alert: RDS IIS vulnerability/fix .rain.forest.puppy. (Jul 23)
- Re: Shared memory DoS's Dick St.Peters (Jul 15)
- Re: Shared memory DoS's Nicolas V. Chernyy (Jul 15)
  - Re: Shared memory DoS's Mike Perry (Jul 17)
- Mail relay vulnerability in RedHat 5.0, 5.1, 5.2 David Luyer (Jul 16)
  - Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2 Ollivier Robert (Jul 19)
  - Re: Mail relay vulnerability in RedHat 5.0, 5.1, 5.2 Matt Dunn (Jul 22)

(Thread continues...)