Re: TCP Sequence-Prediction (4.5-PRE)

From: admin (admin@crimelords.org)
Date: 01/07/02 

Date: Mon, 7 Jan 2002 10:43:55 -0600 (CST)
From: admin <admin@crimelords.org>
To: Matthias Schuendehuette <msch@snafu.de>

I got the same thing when scanning a 4.4-STABLE box with ISS Scanner...I
personally think it's the scanner, but am still testing myself.

--emacs

On Fri, 4 Jan 2002, Matthias Schuendehuette wrote:

> Hi Joe,
>
> Am Donnerstag, 3. Januar 2002 22:07 schrieben Sie:
> > On Thu, 2002-01-03 at 15:59, Matthias Schuendehuette wrote:
> > > I looked at the published Patch in FreBSD-SA-00:52 but couldn't
> > > find the Sourcecode Sequence to be patched any more (I wasn't
> > > wondering).
> >
> > Is this what you're looking for:
> >
> > ftp://ftp.freebsd.org/pub/FreeBSD/CERT/patches/SA-00%3A52/tcp-iss.pat
> >ch
>
> as I've mentioned above, I *found* that patch but if you look at the
> source files to patch you'll recognize that they're completely
> different now and that the patch doesn't succeed anymore (which isn't
> surprising for noone IMHO).
>
> I think, the point is what ISS states as 'predictable'... I'll wait
> what our iss-service declares - I can't imagine that 4.5-PRERELEASE is
> worse than 4.1.1-STABLE concerning 'tcp prediction'.
>
> Ciao/BSD - Matthias
>
> --
> ***************************************************************************
> * Matthias Schuendehuette msch@snafu.de *
> * Solmsstrasse 44 *
> * D-10961 Berlin Engineering Systems Support and Operation *
> * Germany (Powered by FreeBSD 4.5-PRERELEASE) *
> ***************************************************************************
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Relevant Pages

  • Re: ISS Apache Advisory Response
    ... > There has been a lot of misinformation spread about our ISS Apache Advisory ... > day quiet period to provide an opportunity to create a patch or work around. ... Do you know what the vendors' security issue handling ...
    (Bugtraq)
  • RE: Windows 2003 Server SP1 Removes the MS03-039 Patch
    ... doesn't mention specific registry values, just a registry key, which is empty ... mode to try to determine why exactly AU might think the patch is missing. ... If MBSA says all is OK and ISS does not, ...
    (microsoft.public.security)
  • Re: ISS Apache Advisory Response
    ... > There has been a lot of misinformation spread about our ISS Apache Advisory ... > day quiet period to provide an opportunity to create a patch or work around. ...
    (Bugtraq)
  • Re: TCP Sequence-Prediction (4.5-PRE)
    ... On Fri, 2002-01-04 at 11:16, Matthias Schuendehuette wrote: ... I *found* that patch but if you look at the ... > Ciao/BSD - Matthias ... with "unsubscribe freebsd-security" in the body of the message ...
    (FreeBSD-Security)
  • rpc.statd problem and Solaris 8
    ... Does the rpc.statd problem reported in Security Bulletin 135 ... truly affect Solaris 8? ... An ISS scan reports the problem. ... the appropriate patch? ...
    (comp.sys.sun.admin)