Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service

From: Guido van Rooij (Guido.vanRooijat_private-IT.COM)
Date: Thu Dec 24 1998 - 02:18:54 PST

Next message: Darren J Moffat - Enterprise Services OS Product Support Group: "Re: Linux PAM (up to 0.64-2) local root compromise"

Previous message: Jason Thorpe: "Re: Why you should avoid world-writable directories"
Maybe in reply to: aleph1at_private: "CERT Advisory CA-98.13 - TCP/IP Denial of Service"
Next in thread: Jeff Roberson: "Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Dec 23, 1998 at 11:17:48AM +0100, Ulf Munkedal wrote:
> Have I missed something on the list lately about these illegal packets that
> CERT are adressing ("constructing a sequence of packets with certain
> characteristics, an intruder can cause vulnerable systems to crash, hang,
> or behave in unpredictable ways")?
>
> Or is this just the old teardrop/newtear/boink/bonk/nestea2 problem that
> they are talking about?
>

No. This is an entirely new problem. It was discovered by me after a bug
report for an SMP FreeBSD system. Since I know it is only a matter
of time before such a bug would be abused, I decided to inform
CERT (also because the problem has been present since at least the
BSD Net/2 release). No public exploits are known to me.

-Guido

Next message: Darren J Moffat - Enterprise Services OS Product Support Group: "Re: Linux PAM (up to 0.64-2) local root compromise"
Previous message: Jason Thorpe: "Re: Why you should avoid world-writable directories"
Maybe in reply to: aleph1at_private: "CERT Advisory CA-98.13 - TCP/IP Denial of Service"
Next in thread: Jeff Roberson: "Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:26:12 PDT