[12354] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Local user can send forged packets

daemon@ATHENA.MIT.EDU (Solar Designer)
Wed Oct 27 14:36:18 1999

Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-Id:  <199910271422.SAA01426@false.com>
Date:         Wed, 27 Oct 1999 18:22:13 +0400
Reply-To: Solar Designer <solar@FALSE.COM>
From: Solar Designer <solar@FALSE.COM>
X-To:         BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <E11fr92-0001Vz-00@the-village.bc.nu> from Alan Cox at "Oct 25,
              99 09:55:06 pm"

>
> Several daemons drop privilege, you stop them restoring the state and thus
> expose a new exciting hole. Just copy the 2.2 fix - stop the ldisc open, that
> enforces what you need.

I've done that for 2.0.38-ow4, which also includes some ELF loader
fixes for issues (DoS) found by Pavel Kankovsky, and a few more.

Signed,
Solar Designer


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[12354] in bugtraq

Re: Local user can send forged packets

daemon@ATHENA.MIT.EDU (Solar Designer)Wed Oct 27 14:36:18 1999

daemon@ATHENA.MIT.EDU (Solar Designer)
Wed Oct 27 14:36:18 1999