Re: Linux Blind TCP Spoofing

From: John D. Hardin (jhardinat_private)
Date: Tue Mar 09 1999 - 18:53:38 PST

Next message: James Lick: "Re: SMTP server account probing"

Previous message: Ryan Permeh: "Re: SMTP server account probing"
Maybe in reply to: Security Research Labs: "Linux Blind TCP Spoofing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 9 Mar 1999, Security Research Labs wrote:

> VULNERABLE HOSTS
>
> This problem is present in Linux kernels up to and including 2.0.35.
> Any distribution containing a kernel revision less than this is
> vulnerable.

{snip}

> RESOLUTION
>
> It is recommended that kernels below version 2.0.36 be upgraded to
> eliminate this vulnerability.

This implies but does not explicitly state that 2.0.36+ kernels are
not vulnerable. Is this the case?

--
 John Hardin KA7OHZ                               jhardinat_private
 pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
  If you spend any time administering Windows NT, you're far too
  familiar with the Blue Screen of Death (BSOD) ...
                            - "MSDN Flash" email newsletter, 2/8/1999
-----------------------------------------------------------------------
   72 days until Star Wars episode I

Next message: James Lick: "Re: SMTP server account probing"
Previous message: Ryan Permeh: "Re: SMTP server account probing"
Maybe in reply to: Security Research Labs: "Linux Blind TCP Spoofing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:35 PDT