[18220] in bugtraq


Re: updated Bindview NAPTHA advisory

daemon@ATHENA.MIT.EDU (Alfred Perlstein)
Wed Dec 20 16:31:48 2000

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id:  <20001219185245.A19572@fw.wintelcom.net>
Date:         Tue, 19 Dec 2000 18:52:46 -0800
Reply-To: Alfred Perlstein <bright@WINTELCOM.NET>
From: Alfred Perlstein <bright@WINTELCOM.NET>
X-To:         Bob Keyes <bkeyes@MAIL.BOS.BINDVIEW.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.BSF.4.05.10012181702340.92068-100000@mail.bos.bindview.com>; from bkeyes@MAIL.BOS.BINDVIEW.COM on
              Mon, Dec 18, 2000 at 05:24:32PM -0500

* Bob Keyes <bkeyes@MAIL.BOS.BINDVIEW.COM> [001219 16:36] wrote:
>   The NAPTHA DoS vulnerabilities
>
>   Issue Date: 30 November 2000
>   Updated: 18 December 2000
>   Contact: Robert Keyes
>
>   Topic:
>
>   Network DoS vulnerabilities
>
>   Overview:
>
>   A set of network DoS vulnerabilities has been discovered, and the name
>   NAPTHA is being used to describe them as a group. The NAPTHA
>   vulnerabilities are weaknesses in the way that TCP/IP stacks and network
>   applications handle the state of a TCP connection.
>

I thought this was already exposed as a pretty stupid vulnerability.

You need local net access or you must reveal your identity for this
attack to work (send packets with a true source address).

This is also just another rehash of an old program called "octopus",
just that it requires fewer resources to run.

I can't believe you guys are still trying to gain attention with
this bogus "vulnerability".

References (you'll laugh):

http://docs.freebsd.org/cgi/getmsg.cgi?fetch=111311+0+archive/2000/freebsd-security/20001210.freebsd-security

http://docs.freebsd.org/cgi/getmsg.cgi?fetch=157312+0+archive/2000/freebsd-security/20001210.freebsd-security

Lastly, the flooding on the ssh port should have been fixed since at
least FreeBSD 4.1.1, which is several months old.

bye!

--
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."
