Subject: Re: [RHSA-2000:087-02] Potential security problems in ping fixed.
From: Ryan W. Maple (ryan@GUARDIANDIGITAL.COM)
Date: Mon Oct 23 2000 - 12:39:07 CDT
- In reply to: Joseph Gernandez: "Re: [RHSA-2000:087-02] Potential security problems in ping fixed."
- Reply: Ryan W. Maple: "Re: [RHSA-2000:087-02] Potential security problems in ping fixed."
On Sun, 22 Oct 2000, Joseph Gernandez wrote:
> Something else to note about the ping bug everyone
> is raving about.. The program does not give a seg
> fault unless run as root, as far as I can see.
<example>
> This was on RedHat 6.2, with the default ping
> package. Perhaps it's not as big a security problem
> as people have thus far thought it was.
This was outlined in Red Hat advisory RHSA-2000:087-02, "Potential security
problems in ping fixed.":
<QUOTE>
3. Problem description:
Several problems in ping are fixed:
1) Root privileges are dropped after acquiring a raw socket.
2) An 8 byte overflow of a static buffer "outpack" is prevented.
3) An overflow of a static buffer "buf" is prevented.
A non-exploitable root only segfault is fixed as well.
</QUOTE>
Ryan W. Maple
Guardian Digital, Inc.
ryan@guardiandigital.com
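
The first two fixes listed in the quoted advisory, sketched as an added example (this is not code from the advisory or from ping's source): a setuid-root tool opens its raw socket, drops root for good before handling any input, and rejects payload lengths that would not fit its send buffer. The function names, the 4096-byte buffer size and the reading of the 8 bytes as the ICMP echo header are assumptions made for illustration.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

#define ICMP_HDR_LEN 8        /* size of an ICMP echo header */
#define OUTPACK_SIZE 4096     /* assumed size of the static send buffer */

/* Accept a user-supplied payload length only if header + payload fit the buffer. */
int datalen_ok(long datalen)
{
    return datalen >= 0 && datalen <= (long)(OUTPACK_SIZE - ICMP_HDR_LEN);
}

/* Permanently return to the invoking user's ids. Returns 0 on success, -1 on failure. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();
    if (setgid(rgid) != 0 || setuid(ruid) != 0)  /* group first, while still privileged */
        return -1;
    if (geteuid() != ruid || getegid() != rgid)
        return -1;
    /* Started setuid-root by an ordinary user: getting root back must now fail. */
    if (ruid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* One privileged step, then drop. Returns the fd, -1 if socket() failed, -2 if the drop failed. */
int open_raw_then_drop(void)
{
    int fd = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
    int saved = errno;
    if (drop_privileges() != 0)
        return -2;               /* caller must exit rather than continue as root */
    errno = saved;
    return fd;
}

int main(void)
{
    int fd = open_raw_then_drop();
    printf("fd=%d euid=%d 56-byte payload ok=%d\n", fd, (int)geteuid(), datalen_ok(56));
    return fd == -2;
}
```

With the drop done before argument parsing, a later parsing bug runs with the caller's own privileges rather than root's.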