Full Disclosure mailing list archives

Re: Linux kernel IGMP vulnerabilities

From: stephen joseph butler <stephen.butler () gmail com>
Date: Tue, 14 Dec 2004 23:14:46 -0600

On Tue, 14 Dec 2004 11:31:21 +0100 (CET), Paul Starzetz <ihaquer () isec pl> wrote:

You can check if your configuration is vulnerable by  looking  at  these
files:

/proc/net/igmp
/proc/net/mcfilter

if both exist and are non-empty you are vulnerable!


Just to be clear: if "mcfilter" is empty, then you aren't vulnerable?
I have both files, and "igmp" contains data, but "mcfilter" is empty.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Linux kernel IGMP vulnerabilities Paul Starzetz (Dec 15)
- Re: Linux kernel IGMP vulnerabilities Pekka Savola (Dec 15)
- Re: Linux kernel IGMP vulnerabilities stephen joseph butler (Dec 16)
  - Re: Linux kernel IGMP vulnerabilities Paul Starzetz (Dec 22)
- <Possible follow-ups>
- Re: Linux kernel IGMP vulnerabilities Timothy Hall (Dec 17)