[Dailydave] Fun with Linux (2.6.12 -> 2.6.15.2)

From: H D Moore (hdm-daily-davedigitaloffense.net)
Date: Tue Feb 07 2006 - 11:39:36 CST


A fun remote DoS was fixed today. The bug occurs when the kernel tries to
respond to an ICMP packet and the ip_options_echo() function fails.
So far, it seems like the two ways to trigger this are via record-route
and timestamp IP options that have the needaddr bit set and a truncated
value. The easy fix is to block ICMP until you upgrade your kernels...

http://www.kernel.org/diff/diffview.cgi?file=%2Fpub%2Flinux%2Fkernel%2Fv2.6%2Fpatch-2.6.15.3.bz2;z=27

Add the recent FreeBSD SACK bug, the various Windows driver bugs, and some
magic OS X 0day and you can keep your entire local network staring at
crash dump screens indefinitely...

-HD
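
Added example, not part of the original post and not kernel code: a structural check, following the RFC 791 option layout, that flags record-route (type 7) and timestamp (type 68) options whose pointer says a slot is still free while the length field cannot hold that slot. The function name check_ip_options and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define IPOPT_RR 7   /* record route */
#define IPOPT_TS 68  /* internet timestamp */

/* Hypothetical helper: returns 0 if the IPv4 options area is well formed,
 * -1 on a generic framing error, or the option type (7 or 68) whose
 * pointer/length fields describe a partial (truncated) slot. */
int check_ip_options(const unsigned char *opt, size_t optlen)
{
    size_t i = 0;
    while (i < optlen) {
        unsigned type = opt[i];
        if (type == 0) break;                     /* end of option list */
        if (type == 1) { i++; continue; }         /* no-op padding */
        if (i + 1 >= optlen) return -1;           /* length byte missing */
        unsigned len = opt[i + 1];
        if (len < 2 || i + len > optlen) return -1;
        if (type == IPOPT_RR || type == IPOPT_TS) {
            unsigned min_len = (type == IPOPT_RR) ? 3 : 4;
            unsigned min_ptr = (type == IPOPT_RR) ? 4 : 5;
            if (len < min_len) return (int)type;
            unsigned ptr = opt[i + 2];            /* 1-based offset of next slot */
            if (ptr < min_ptr) return (int)type;
            if (ptr <= len) {                     /* option claims a free slot */
                unsigned slot = 4;                /* one address or one timestamp */
                if (type == IPOPT_TS) {
                    unsigned flag = opt[i + 3] & 0x0F;
                    if (flag == 1 || flag == 3) slot = 8;  /* address + timestamp */
                    else if (flag != 0) return (int)type;  /* undefined flag */
                }
                if (ptr + slot - 1 > len) return (int)type; /* slot does not fit */
            }
        }
        i += len;
    }
    return 0;
}

int main(void)
{
    /* Constructed samples: a record-route option with one full slot, and one cut short. */
    const unsigned char ok[]  = {7, 7, 4, 0, 0, 0, 0, 0};
    const unsigned char bad[] = {7, 5, 4, 0, 0, 1, 1, 1};
    printf("ok=%d bad=%d\n", check_ip_options(ok, sizeof ok),
           check_ip_options(bad, sizeof bad));
    return 0;
}
```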