From: hilton de meillon (hiltond_at_hotpop.com)
To: <firstname.lastname@example.org> Date: Thu, 30 Dec 2004 12:08:08 +1000
Can anyone tell me why not many distros have an update for the CAN-2004-1137
(among other kernel vulnerabilities) yet ?.
Ubuntu, Redhat, SuSe have updated kernels but pretty much all the rest do
not have an updated kernel for this issue.
Secondly would 'iptables -A INPUT -p IGMP -j REJECT' protect my machine from
remote attacks ?.
I tried this rule and then ran the proof of concept exploit from
http://www.securityfocus.com/bid/11917/solution/ and it still crashed my
(slackware) machine. I am assuming that it connects over a unix socket or
exploits one of the non-networked vulnerabilities as according to secfocus
there are three actual vulnerabilities contained in this vulnerability.
Lastly I would have to say that this is a bit of a shocker for the linux
community, this vulnerability could be used with devastating effect, I am a
bit disappointed with linux in this regard.
Any comments appreciated.