[8822] in bugtraq
Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service
daemon@ATHENA.MIT.EDU (Guido van Rooij)
Thu Dec 24 21:18:15 1998
Date: Thu, 24 Dec 1998 11:18:54 +0100
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Guido van Rooij <Guido.vanRooij@NL.ORIGIN-IT.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <01BE2E65.E061C130.munkedal@n-m.com>; from Ulf Munkedal on Wed,
Dec 23, 1998 at 11:17:48AM +0100
On Wed, Dec 23, 1998 at 11:17:48AM +0100, Ulf Munkedal wrote:
> Have I missed something on the list lately about these illegal packets that
> CERT are adressing ("constructing a sequence of packets with certain
> characteristics, an intruder can cause vulnerable systems to crash, hang,
> or behave in unpredictable ways")?
>
> Or is this just the old teardrop/newtear/boink/bonk/nestea2 problem that
> they are talking about?
>
No. This is an entirely new problem. It was discovered by me after a bug
report for an SMP FreeBSD system. Since I know it is only a matter
of time before such a bug would be abused, I decided to inform
CERT (also because the problem has been present since at least the
BSD Net/2 release). No public exploits are known to me.
-Guido
