Re: Sendmail, lynx, Netscape, sshd, Linux kernel (twice)

From: Alan Cox (alanat_private)
Date: Tue Nov 03 1998 - 11:18:27 PST

Next message: Rich Kulawiec: "Re: 10th anniversary of the Internet Worm"

Previous message: Aleph One: "FreeBSD Security Advisory: FreeBSD-SA-98:08.fragment"
Next in thread: Wietse Venema: "Re: Sendmail, lynx, Netscape, sshd, Linux kernel (twice)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> This attack is specific to LINUX. On UNIX systems with a BSD TCP/IP
> protocol stack, the accept() call does not return until the three-way
> handshake completes.
>
> Please do not blame Sendmail for every problem in the world.

The fact the sendmail people have been aware of this for over 2 years
and refused to consider putting a Linux case in for existing Linux
installations speaks volumes however. And yes Linux 2.1.x matches
BSD behaviour here.

Alan, still waiting for POSIX to finish standardising the socket API.

Next message: Rich Kulawiec: "Re: 10th anniversary of the Internet Worm"
Previous message: Aleph One: "FreeBSD Security Advisory: FreeBSD-SA-98:08.fragment"
Next in thread: Wietse Venema: "Re: Sendmail, lynx, Netscape, sshd, Linux kernel (twice)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:21:59 PDT