Re: CAN-2004-1137

From: xyberpix (xyberpix_at_xyberpix.com)
Date: 12/30/04

  • Next message: hilton de meillon: "RE: CAN-2004-1137"
    To: hilton de meillon <hiltond@hotpop.com>
    Date: Thu, 30 Dec 2004 17:59:04 +0000
    
    
    

    Hi hilton,

    I have to ask, what kernel are you running, and what version of Slack?

    xyberpix

    On Thu, 2004-12-30 at 12:08 +1000, hilton de meillon wrote:
    > Hi All,
    >
    > Can anyone tell me why not many distros have an update for the CAN-2004-1137
    > (among other kernel vulnerabilities) yet ?.
    >
    > Ubuntu, Redhat, SuSe have updated kernels but pretty much all the rest do
    > not have an updated kernel for this issue.
    >
    > Secondly would 'iptables -A INPUT -p IGMP -j REJECT' protect my machine from
    > remote attacks ?.
    >
    > I tried this rule and then ran the proof of concept exploit from
    > http://www.securityfocus.com/bid/11917/solution/ and it still crashed my
    > (slackware) machine. I am assuming that it connects over a unix socket or
    > exploits one of the non-networked vulnerabilities as according to secfocus
    > there are three actual vulnerabilities contained in this vulnerability.
    >
    > Lastly I would have to say that this is a bit of a shocker for the linux
    > community, this vulnerability could be used with devastating effect, I am a
    > bit disappointed with linux in this regard.
    >
    > Any comments appreciated.
    >
    > hilton
    >
    >

    -- 
    For Security and Open Source news and tips visit:
    http://www.xyberpix.com
    
    



  • Next message: hilton de meillon: "RE: CAN-2004-1137"