Bugtraq mailing list archives
Re: Very interesting traceroute flaw
From: Sylvain Robitaille <syl () ALCOR CONCORDIA CA>
Date: Fri, 29 Sep 2000 11:50:15 -0400
Chris Evans wrote:
This flaw in traceroute (if your version is vulnerable) is tickled like this: traceroute -g 1 -g 1 (I think it didn't need a hostname) Segmentation fault
For the record, I tested this on Slackware Linux (4.0, and 3.x), as well as Digital (Compaq) Unix versions 4.0d, 4.0e, and 4.0g, and Solaris-2.7, and found that none of those systems have a vulnerable version of traceroute. On the Linux systems, traceroute doesn't accept the '-g' option; Solaris traceroute complains without a hostname, and runs with one, (no segmentation fault, though the output appears unreliable); All tested versions of Digital Unix dutifully try to traceroute to 0.0.0.1. -- ---------------------------------------------------------------------- Sylvain Robitaille syl () alcor concordia ca Systems analyst Concordia University Instructional & Information Technology Montreal, Quebec, Canada ----------------------------------------------------------------------
Current thread:
- Very interesting traceroute flaw Chris Evans (Sep 29)
- Re: Very interesting traceroute flaw Sylvain Robitaille (Sep 29)
- Re: Very interesting traceroute flaw Martin Peikert (Sep 29)
- Re: Very interesting traceroute flaw Daniel Jacobowitz (Sep 30)
- Re: Very interesting traceroute flaw Casper Dik (Sep 29)
- Re: Very interesting traceroute flaw pedward (Sep 30)
- Re: Very interesting traceroute flaw Daniel Jacobowitz (Sep 30)
- Re: Very interesting traceroute flaw Elias Levy (Sep 30)