[17299] in bugtraq
Re: [RHSA-2000:087-02] Potential security problems in ping fixed.
daemon@ATHENA.MIT.EDU (Joseph Gernandez)
Mon Oct 23 13:45:22 2000
Message-Id: <20001022005417.7353.qmail@securityfocus.com>
Date: Sun, 22 Oct 2000 00:54:17 -0000
Reply-To: Joseph Gernandez <neo@ERASED.ORG>
From: Joseph Gernandez <neo@ERASED.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
Something else to note about the ping bug everyone
is raving about.. The program does not give a seg
fault unless run as root, as far as I can see.
[root:/home/neo/c]# ping -c 1 -s 65690 localhost
WARNING: packet size 65690 is too large. Maximum
is 65507
Segmentation fault
[root:/home/neo/c]# exit
exit
[neo:~/c]$ ping -c 1 -s 65690 localhost
Error: packet size 65690 is too large. Maximum is
65507
[neo:~/c]$
This was on RedHat 6.2, with the default ping
package. Perhaps it's not as big a security problem
as people have this far thought it was.
_neo
