>Didn't know if all you "roll-your-own" types had seen this ...
>
>I don't currently run Linux, so I have not taken time to verify (or even
>look closely) - just passing it on.
>
I hope you're not attempting to take a shot at the "roll-your-own" folks
(or Linux), as this problem affects more than just Linux.
I have personally verified that it crashes Linux, AIX, and HP-UX (which,
for some reason, was left off the list of affected systems). I can't
verify Digital Unix, but I'll take their word for it. Solaris and IRIX
passed the test.
The bug can only be exploited from a system that runs the MS IP stack, as
its ping command does no size checking. Any other ping, as far as I
know, will not allow you to specify the data size necessary to crash
these systems.
I hesitated to post this (I've known since Sunday) because of the
availability of patches for AIX and HP-UX. Since it wasn't too secret
then, and certainly less so now, I guess it doesn't matter.
>There is a nasty bug whereby AIX, Digital Unix, Linux and possibly some
>other systems can be brought down remotely by a suitably constructed
>oversize packet. Unfortunately a bug in another well known PC operating
>system means it's easy to generate such packets.
>
>** This bug is being actively exploited on the internet against all the
>** mentioned systems. This fix should be considered essential as should
>** other equivalent vendor fixes
>
>The bug can be exploited as simply as:
>
>> 'ping -l 65510 host.running.linux'
>
>The following Linux fix drops such faulty frames and will also be included
>in 2.0.24
>
>Alan Cox
>
>[Patch also available from http://www.uk.linux.org/patches/]
>
________________________________________________
Rick Hicks
Systems Specialist
Hussmann Corporation
rhicks @ hussmann . com
http://www.hussmann.com
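As an added illustration of the kind of check the Linux fix applies (this is not the 2.0.24 patch itself, nor Alan Cox's or the poster's code): a C function that rejects an IPv4 fragment whose offset plus length would push the reassembled datagram past the 65535-byte maximum, plus a helper that builds constructed test headers. The simplification that this fragment's own header length stands in for the reassembled header length, and the fragment sizes for the `ping -l 65510` case, are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IP_MAX_DATAGRAM 65535u   /* limit of the 16-bit Total Length field */
#define IP_MF           0x2000u  /* "more fragments" flag */
#define IP_OFFSET_MASK  0x1fffu  /* 13-bit fragment offset, in 8-byte units */

/* Returns 1 if this IPv4 fragment would make the reassembled datagram exceed
 * 65535 bytes (drop it), 0 if it fits, -1 if the header is malformed.
 * Assumption: this fragment's IHL stands in for the reassembled header length. */
int fragment_is_oversize(const uint8_t *hdr, size_t len)
{
    if (len < 20 || (hdr[0] >> 4) != 4) return -1;
    unsigned ihl = (hdr[0] & 0x0fu) * 4u;
    if (ihl < 20 || ihl > len) return -1;
    unsigned tot_len = ((unsigned)hdr[2] << 8) | hdr[3];
    if (tot_len < ihl) return -1;
    unsigned frag    = ((unsigned)hdr[6] << 8) | hdr[7];
    unsigned offset  = (frag & IP_OFFSET_MASK) * 8u;  /* byte offset into payload */
    unsigned payload = tot_len - ihl;
    /* Where this fragment's last byte would land in the reassembled datagram. */
    unsigned long end = (unsigned long)ihl + offset + payload;
    return end > IP_MAX_DATAGRAM ? 1 : 0;
}

/* Builds a minimal 20-byte IPv4/ICMP header (constructed, not a capture). */
int check_fragment(unsigned tot_len, unsigned offset_units, int more_fragments)
{
    uint8_t hdr[20];
    memset(hdr, 0, sizeof hdr);
    hdr[0] = 0x45;                               /* IPv4, IHL = 5 words */
    hdr[2] = (uint8_t)(tot_len >> 8);
    hdr[3] = (uint8_t)(tot_len & 0xffu);
    unsigned frag = (offset_units & IP_OFFSET_MASK) | (more_fragments ? IP_MF : 0u);
    hdr[6] = (uint8_t)(frag >> 8);
    hdr[7] = (uint8_t)(frag & 0xffu);
    hdr[9] = 1;                                  /* protocol: ICMP */
    return fragment_is_oversize(hdr, sizeof hdr);
}

int main(void)
{
    /* Last piece of a 'ping -l 65510': 8-byte ICMP header + 65510 data bytes
     * = 65518 payload bytes, so the final 6 bytes start at offset 65512. */
    printf("oversize=%d\n", check_fragment(26, 8189, 0));   /* prints oversize=1 */
    return 0;
}
```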