[12935] in bugtraq
Re: Big problem on 2.0.x?
daemon@ATHENA.MIT.EDU (Hugo.van.der.Kooij@CAIW.NL)
Fri Dec 10 19:15:54 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.9912102340530.31847-100000@bastion.hugo.vanderkooij.org>
Date: Fri, 10 Dec 1999 23:48:17 +0100
Reply-To: Hugo.van.der.Kooij@CAIW.NL
From: Hugo.van.der.Kooij@CAIW.NL
X-To: Eduardo Cruz <eduardo.cruz@TS-G.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <008e01bf4265$b5175ac0$dac1a6c3@tsg.com>
On Thu, 9 Dec 1999, Eduardo Cruz wrote:
> Last week i was playing with my old linux 2.0.36 i486 box, while i was playing with the command ping and trying combinations of commands
> i found that when u do a ping -s 65468 -R ANYIPADDRESS ( -R record route) the system starts to print on the screen kernel dumps
> , freezes complitely and after few secconds the system reboots.
>
> The major problem with this (if this is a bug, because i dont have time to install differents kernels and test it better) is that command can be run by everyone
> because you dont need root permissions to make a -R.
>
> I tested this on a 2.0.35 and .36 (both slackware), when u try to do this on a 2.2.x the system prints out "message too long".
> I think the problem is that there is a size-check missed when u reach the maximun packet size and u put the route information, but anyway
> i am not a guru on kernels.
Being no guru I noticed there were some patches for these kernels and
2.0.x kernels now run into 2.0.38 so I suggest you test 2.0.38 before you
yell BUG.
Browsing the info on http://www.kernelnotes.org/ does at least make one
wonder wether this is a known issue that's solved as there are changes in
the networking code.
Hugo.
--
Hugo van der Kooij; Oranje Nassaustraat 16; 3155 VJ Maasland
hvdkooij@caiw.nl http://home.kabelfoon.nl/~hvdkooij/
--------------------------------------------------------------
Use of any of my email addresses for unsollicited (commercial)
email is a clear intrusion of my privacy and illegal!
