[678] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] TCP Security Bug *READ ASAP*

daemon@ATHENA.MIT.EDU (owner-linux-security@tarsier.cv.nr)
Thu Apr 18 09:38:36 1996

From: owner-linux-security@tarsier.cv.nrao.edu
Date: Wed, 17 Apr 1996 23:14:31 -0700 (PDT)
To: linux-security@tarsier.cv.nrao.edu

Here is an unofficial patch I would suggest using to prevent kernel 
panic's from specially constructed TCP packets until an official patch 
becomes available.  I have sent exploit information into Linus and Alan 
so something official shouldnt be too far off.  

I will make exploit information available publically as soon as I get 
official word back from Alan & Linus.

--- linux/net/ipv4/ip_options.c	Wed Apr 17 21:39:44 1996
+++ linux/net/ipv4/ip_options.c.old	Wed Apr 17 21:39:44 1996
@@ -281,7 +281,6 @@
 		}
 		switch (*optptr) 
 		{
-#ifdef USE_BROKEN_SR
 		      case IPOPT_SSRR:
 		      case IPOPT_LSRR:
 			if (optlen < 3) 
@@ -347,7 +346,6 @@
 			}
 			opt->rr = optptr - iph;
 			break;
-#endif
 		      case IPOPT_TIMESTAMP:
 			if (opt->ts) 
 			{


+-----------------------------------------+
| Kit Knox - System Administrator         |
| CONNECTnet - http://www.connectnet.com/ |    
+-----------------------------------------+


home help back first fref pref prev next nref lref last post