Re: CAN-2004-1137
From: xyberpix (xyberpix_at_xyberpix.com)
Date: 12/30/04
- Previous message: hilton de meillon: "CAN-2004-1137"
- In reply to: hilton de meillon: "CAN-2004-1137"
- Next in thread: hilton de meillon: "RE: CAN-2004-1137"
- Reply: hilton de meillon: "RE: CAN-2004-1137"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: hilton de meillon <hiltond@hotpop.com>
Date: Thu, 30 Dec 2004 17:59:04 +0000
Hi hilton,
I have to ask, what kernel are you running, and what version of Slack?
xyberpix
On Thu, 2004-12-30 at 12:08 +1000, hilton de meillon wrote:
> Hi All,
>
> Can anyone tell me why not many distros have an update for the CAN-2004-1137
> (among other kernel vulnerabilities) yet?
>
> Ubuntu, Red Hat, SuSE have updated kernels but pretty much all the rest do
> not have an updated kernel for this issue.
>
> Secondly, would 'iptables -A INPUT -p IGMP -j REJECT' protect my machine from
> remote attacks?
>
> I tried this rule and then ran the proof of concept exploit from
> http://www.securityfocus.com/bid/11917/solution/ and it still crashed my
> (Slackware) machine. I am assuming that it connects over a Unix socket or
> exploits one of the non-networked vulnerabilities, as according to secfocus
> there are three actual vulnerabilities contained in this vulnerability.
>
> Lastly, I would have to say that this is a bit of a shocker for the Linux
> community; this vulnerability could be used with devastating effect. I am a
> bit disappointed with Linux in this regard.
>
> Any comments appreciated.
>
> hilton
>
>
-- For Security and Open Source news and tips visit: http://www.xyberpix.com