The overlapping fragment bug
Alan Cox (alan LXORGUK.UKUU.ORG.UK)
Fri, 14 Nov 1997 19:54:00 GMT
- Next message: Aleph One: "Pentium processor invalid instruction erratum"
- Previous message: G P R: "The Linux patch."
- Next in thread: Paul Leach: "Re: The overlapping fragment bug"
Well, after some testing it's quite effective against Linux [fix available and will be in 2.0.32 as standard], NT, 95, Win 3.11 and also a couple of others it seems - DOS Novell TCP/IP and PCNFS 4.0 (reportedly). BSD derived stacks, various routers, Solaris, MacOS and HP/UX all seem fine.

The actual exploit can also be slightly improved. Make it a TCP frame, make the destination port 80 and it goes through most firewalls like a bullet through cheese and seems to keep its effectiveness.

You can screen the stuff behind a firewall if your firewall reassembles fragments (and is of course itself not vulnerable 8)).

Any news on the Microsoft fix expected date/times?

Alan
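The screening mentioned in the post, a firewall that reassembles fragments, depends on noticing when fragments of one datagram overlap. The following is an added example, not part of the original post or of any product it names: a Python check over raw IPv4 headers that flags such datagrams. The function names, addresses and sample packets are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

def parse_fragment(pkt: bytes):
    """Return (reassembly key, start, end, more_fragments) for one IPv4 packet."""
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total_len, ident, flags_off, _, proto, _, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len < ihl:
        raise ValueError("malformed IPv4 header")
    start = (flags_off & 0x1FFF) * 8      # fragment offset is in 8-byte units
    end = start + (total_len - ihl)       # first byte past this fragment's data
    return (src, dst, proto, ident), start, end, bool(flags_off & 0x2000)

def overlapping_datagrams(packets):
    """Return the reassembly keys whose fragments overlap one another."""
    spans = defaultdict(list)
    for pkt in packets:
        key, start, end, _ = parse_fragment(pkt)
        spans[key].append((start, end))
    bad = set()
    for key, frags in spans.items():
        covered = 0                       # highest byte offset seen so far
        for start, end in sorted(frags):
            if start < covered:           # begins inside data already covered
                bad.add(key)
            covered = max(covered, end)
    return bad

def make_packet(ident, offset_bytes, data_len, more):
    """Constructed sample: 20-byte IPv4 header (checksum left 0) plus zero payload."""
    flags_off = (0x2000 if more else 0) | (offset_bytes // 8)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + data_len, ident, flags_off,
                      64, 17, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return hdr + bytes(data_len)

# Constructed samples (documentation addresses): datagram 1 is fragmented
# cleanly; datagram 2 has a second fragment starting inside the first one.
SAMPLE = [
    make_packet(1, 0, 24, True), make_packet(1, 24, 16, False),
    make_packet(2, 0, 32, True), make_packet(2, 24, 16, False),
]

def flagged_ids(packets):
    """IP identification values of datagrams a screening device should drop."""
    return sorted(key[3] for key in overlapping_datagrams(packets))
```

A screening device that applies a check of this kind drops the whole datagram rather than forwarding any of its fragments to the host behind it.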