Re: [suse-security] New TCP-stack-exploit a hoax
currently i belive its just a hoax, if you see the discussion on bugtraq, the exploit shows that it works until kernel 2.4.20pre2x which is far away from the actually relased develkernel (2.4.20pre11). If not we've maybe a big problem ;)
That can be a typo. BTW. If i've a stateful inspection of my ip-packets and drop all packets not related to a connection i established such fragmented packets mentioned should not care me ?!? OR am i FALSE ?? Michael
On Fri, 18 Oct 2002, GentooRulez wrote:
currently i belive its just a hoax, if you see the discussion on bugtraq, the exploit shows that it works until kernel 2.4.20pre2x which is far away from the actually relased develkernel (2.4.20pre11). If not we've maybe a big problem ;)
That can be a typo.
BTW. If i've a stateful inspection of my ip-packets and drop all packets not related to a connection i established such fragmented packets mentioned should not care me ?!? OR am i FALSE ?? Why? Connection-tracking could be buggy too? ;-)
Sebastian -- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@suse.de - SuSE Security Team ~
participants (2)
-
GentooRulez -
Sebastian Krahmer