[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Kernel 2.4.21 Forwarding table vulnerability

If I do use bridging...is there a patch?

What is the consequences of an unpatched system? (In more detail than
below)

On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu wrote:
> Florian Weimer <fw@deneb.enyo.de> wrote:
> > Bruce Banner <bruc3_banner@yahoo.com> writes:
> > 
> >> CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table
> >> could be spoofed by sending forged packets with bogus source
> >> addresses the same as the local host.
> > 
> > Ah, this one.  I don't even know if it's about IP.
> > 
> > As usual, Red Hat's advisory is a joke. *sigh*
> 
> If you don't use bridging then it doesn't affect you.
> -- 
> Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
> Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
> 
> 
> 

-- 
Phillip Hofmeister

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
--
Excuse #20: Monitor resolution too high
Reply to: