Full Disclosure mailing list archives
Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service
From: GloW - XD <doomxd () gmail com>
Date: Fri, 20 Jan 2012 07:54:10 +1100
Try fixing the in_cksum() function, it has been intionally crippled,also,look at both of the 'ips' both should really be argvs,as theyre set in saddr/daddr;) this should be easy to fix, or read the pasted one i think is in one of my posts in reply to it, it will show where i had to adjust it, as the sendto, will never work with the in_cksum not functional, lan, or no lan... anyhow, you could ignore me, but in the end, read the code... later dude. drew On 19 January 2012 09:43, Morgus Magnificent <morgusdamagnificent () gmail com> wrote:
Thanks again for re-enforcing my paranoia with another one of your exploits. The apache killer one was particularly disturbing and at the same time, another great eye-opener, much respect to you. I tested this on a custom compiled kernel for PXE booting, version 2.6.37.6-x86_64, running Debian Squeeze, and I can't seem to get it to work. Root is mounted read-only over NFS. I don't recall any special config options I did for networking or IGMP requests, other then building my NIC drivers and NFS into the kernel. Did I just get lucky? Thanks, Morgus _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service, (continued)
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service xD 0x41 (Jan 17)
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service xD 0x41 (Jan 18)
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service HI-TECH . (Jan 19)
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service xD 0x41 (Jan 19)
- Message not available
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service HI-TECH . (Jan 19)
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service xD 0x41 (Jan 19)
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service root (Jan 19)
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service root (Jan 19)
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service HI-TECH . (Jan 19)
- Re: [CVE-2012-0207] Linux IGMP Remote Denial Of Service GloW - XD (Jan 19)