[3548] in bugtraq
Re: Urgent !! Serious Linux Security Bug....
daemon@ATHENA.MIT.EDU (don larmee)
Tue Oct 22 14:59:02 1996
Date: Tue, 22 Oct 1996 09:39:51 -0400
Reply-To: don larmee <dlarmee@richmond.infi.net>
From: don larmee <dlarmee@richmond.infi.net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
>The AIX 4.1.4 release is susceptible and 3.2.5 is not. IBM was aware of the
>problem with large packets, and a PTF for bos.tcp.client.4.1.4.18 is
>available. The latest APAR number for TCP and security fixes is U445555.
>Apply this fix and vulnerability goes away.
>
Here is some more contradictory information for everyone. Yesterday I wrote
that my AIX 3.2.5 (Token Ring) seemed to ignore the ping. Well, as it turns
out about 2 hours after I sent the ping the system crashed. The
/var/tmp/snmpd.log file shows a 'EXCEPTION: read of "union sockaddr_un" from
kmem failed', and then a zillion 'EXCEPTION: read if "struct ifaddr" from
kmem failed' entries filling up the rest of the log until the system finally
died.
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
Donald H. Larmee dlarmee@richmond.infi.net
Senior Software Engineer
Distributed Systems 804.965.6115
Health Communication Services ~ Trigon BC/BS
+-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-+
