Re: Kernel 2.4.21 Forwarding table vulnerability
Beware there is also a vulnerability in the spanning
tree implementation as well so.
Peace
--- Phillip Hofmeister <plhofmei@zionlth.org> wrote:
> If I do use bridging...is there a patch?
>
> What is the consequences of an unpatched system? (In
> more detail than
> below)
>
> On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu
> wrote:
> > Florian Weimer <fw@deneb.enyo.de> wrote:
> > > Bruce Banner <bruc3_banner@yahoo.com> writes:
> > >
> > >> CAN-2003-0552: Jerry Kreuscher discovered that
> the Forwarding table
> > >> could be spoofed by sending forged packets with
> bogus source
> > >> addresses the same as the local host.
> > >
> > > Ah, this one. I don't even know if it's about
> IP.
> > >
> > > As usual, Red Hat's advisory is a joke. *sigh*
> >
> > If you don't use bridging then it doesn't affect
> you.
> > --
> > Debian GNU/Linux 3.0 is out! (
> http://www.debian.org/ )
> > Email: Herbert Xu ~{PmV>HI~}
> <herbert@gondor.apana.org.au>
> > Home Page: http://gondor.apana.org.au/~herbert/
> > PGP Key:
> http://gondor.apana.org.au/~herbert/pubkey.txt
> >
> >
> >
>
> --
> Phillip Hofmeister
>
> PGP/GPG Key:
> http://www.zionlth.org/~plhofmei/
> wget -O - http://www.zionlth.org/~plhofmei/key.txt |
> gpg --import
> --
> Excuse #20: Monitor resolution too high
>
>
> --
> To UNSUBSCRIBE, email to
> debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com
Reply to: