RE: kernel panic [linux 2.2.19-7] on UDP scan CP4.1-SP5

[Yanek Korff <yanek () cigital com>]

> Meaning it crashes?  Seems strange, you'd think Checkpoint would have
> tried a UDP packet before they shipped...
>
> Can anyone else confirm the results?
Indeed, I'd love if someone could do more testing.  I've blown away my RH7
install, and am working on 6.2 right now -- bad kernel (Default).  So far no
remote udp crashes.  Haven't done much configuration yet, though.

> > If I run nslookup on nmap_source, set my server to 
> fw_under_test, and
> > attempt to resolve something (even though fw_under_test is 
> not running a
> > nameserver), the fw_under_test does not crash.  It merely 
> replies with udp
> > port unreachable and stays up.
>
> Must be something in particular with the conetns of the 
> packet NMAP sends.
According to nmap man pages, it sends 0 byte udp datagrams.

-Yanek.