[3514] in bugtraq
Re: Urgent !! Serious Linux Security Bug....
daemon@ATHENA.MIT.EDU (TriumpH)
Sun Oct 20 21:02:02 1996
Date: Sun, 20 Oct 1996 09:24:17 -0400
Reply-To: TriumpH <triumph@ziplink.net>
From: TriumpH <triumph@ziplink.net>
X-To: Jake the Prince <usa@win95.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <3269053B.3D6F@win95.com>
I run kernel 2.1.5 and it seems as if it is fixed, I haven't tried
it, but I compared the patch to my ip_fragment.c, and it looks the same at
those line numbers..
____________________________________________________
| |\_______ |\. ._ |
| |__ __\ | | | \ |
| | | .____ o .___ _____ ___ | |_| | |
| | | | .__\._ | | | / \/ \| _ | |
|::::::::| |:| |:::| || | |:| |_| || o | |:| |:::::|
|::::::::|_ |:|_|:::|_|\___/:|_|:|_|| ._/|_|:| |:::::|
|::::::::::\|:::::::::->3y3 4m<-::::|_|:::::::\|:::::|
|::::::::::::::->triumph@ziplink.net<-:::::::::::::::|
|:::::::::::::::->triumph@usa1.com<-:::::::::::::::::|
|::::::::::->triumph@halcyon.ziplink.net<-:::::::::::|
|:::::::::::->triumph@forever.zipnet.net<-:::::::::::|
|sysadmin halcyon.ziplink.net::::::::::::::::::::::::|
On Sat, 19 Oct 1996, Jake the Prince wrote:
> Hi,
>
> Today we saw an email from Linus Torvalds advising of a problem
> with Linux and ping. Basically you can reboot a linux box remotely if
> some scenario's are right. From what we can tell and this has all been
> verified is: If anyone in the world with a Windows 95 machine can ping
> your
> Linux box they can potentially reboot that machine.. Hence a serious
> denial of service OR loss of data.
>
> Scenario:
>
> Win95 user types 'ping -l 65510 host.running.linux'.
>
> Result:
>
> That machine reboots OR freezes.
>
> On the Linux machine, you need to be running kernel version 2.0.7(It's
> the
> lowest we run) up to version 2.0.20(The highest we're running).
>
> With ping you can use value 65508-65527.
>
> We have extensively tested both of these.
>
> I'm sure there are thousands of Linux systems that could be affected.
>
> There IS a BETA patch out and it DOES work.. If you don't have that
> patch
> code as of yet, it's attached.
>
> Cyaz
>
> Jake The Prince
>
> PS..... Thanks to whoever found this serious bug...
> -
>
> /-----------------------------------------------------------\
> | I have just one \|/ ____ \|/ |
> | thing to say... ~@-/ oO \-@~ Neener, neener, neener. |
> | /_( \__/ )_\ |
> | \__U_/ |
> | |
> | -*- Opp -*- (usa@win95.com) -*- USA_Direkt -*- |
> \-----------------------------------------------------------/
>
