Re: CERT Advisory CA-97.28 - Teardrop_Land

From: Alan Cox (alanat_private)
Date: Tue Dec 16 1997 - 17:26:45 PST


    > > Red Hat Software
    > > ================
    > >
    > > Topic 1 - Teardrop
    > >
    > > Linux is not vulnerable.
    >
    > It's well known that versions of Linux prior to publishing of the
    > teardrop attack *were* vulnerable.  The above borders on an outright
    > lie.
    
    I've already moaned. The correct answer is:
    
    Linux
    
    Prior to 2.0.31 and earlier are vulnerable to teardrop
                    2.0.32 and above are not.
    
    RedHat 5.0 ships with a 2.0.31+patches that is not vulnerable. RH5.0
    update for the 2.0.32 kernel is on ftp.redhat.com
    
    Update kernel and/or apply the patch to the existing kernel if you wish
    to remain running an older kernel for reasons such as compliance testing.
    
    I _hope_ someone in RH or CERT merely got teardrop and land muddled up.
    
    Alan
    


