Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: Linux Kernel sctp_setsockopt() Integer Overflow
From: Shaun Colley (shaunigeyahoo.co.uk)
Date: Mon May 31 2004 - 12:35:29 CDT
> Because this all is debate about nothing, as the
> original advisory was
> fake, because you simply can't pass negative optlen
> to setsockopt()
> syscall, so there is nothing to be exploited.
No, the advisory was not fake. At the time, I didn't
realise that -1 or any negative will not get past
sys_setsockopt(). Without the sanity check in
setsockopt, there would be a bad security issue,
though. It's still worth upgrading, anyway. The bug
exists, just not a very big possibility of exploiting.
Thank you for your time.
Yahoo! Messenger - Communicate instantly..."Ping"
your friends today! Download Messenger Now