patch for DoS attack
_MHz_
costcon at cytanet.com.cy
Sun Jun 6 17:27:07 EEST 1999
Vgike akomi patch gia ta SuSE Linux v6.1
prin 2-3 meres to epiasa apo ton ipefthino twn security:
____________________________________________________________________________
__
SuSE Security Announcement
Package: Linux kernel 2.2.x
Date: Thu Jun 3 19:50:05 CEST 1999
Affected: All Linux systems using kernel 2.2.x
____________________________________________________________________________
__
A security hole were discovered in the package mentioned above.
Please update as soon as possible or disable the service if you are using
this software on your SuSE Linux installation(s).
Other Linux distributions or operating systems might be affected as
well, please contact your vendor for information about this issue.
Please note, that that we provide this information on as "as-is" basis only.
There is no warranty whatsoever and no liability for any direct, indirect or
incidental damage arising from this information or the installation of
the update package.
____________________________________________________________________________
__
1. Problem Description
The Linux kernel 2.2.x doesn't correctly parse the IP options, which
leads to kernel panic.
2. Impact
Linux machines running kernel 2.2.x could be shut down over the network
by sending malicious formated ICMP packets.
3. Solution
Install the fixed kernel from our ftp server.
____________________________________________________________________________
__
Here is the md5 checksum of the upgrade package, please verify these
before installing the new package:
d7da41803cde484fac910dc0eaa0a5df lx_suse-2.2.7.SuSE-3.i386.rpm
c106a0465630260cfa4181c2c0e84ec4 linux-2.2.7.SuSE.tgz
____________________________________________________________________________
__
You will find the updates on our ftp-Server:
ftp://ftp.suse.com/pub/SuSE-Linux/suse_update/kernel/linux-2.2.7.SuSE.tgz
ftp://ftp.suse.com/pub/SuSE-Linux/suse_update/suse61/d1/lx_suse-2.2.7.SuSE-3
.i386.rpm
Webpage for patches:
http://www.suse.de/patches/index.html
or try the following web pages for a list of mirrors:
http://www.suse.de/ftp.html
http://www.suse.com/ftp_new.html
=====================================
= Contact _MHz_
= E-mail: costcon at cytanet.com.cy
= _mhz_ at softhome.net
= In IRC: #Archangelos in Undernet Servers
= UIN: 30136845
=====================================
----- Original Message -----
From: D.A.Glynos <glynos at dial.pipex.com>
To: Linux-Greek-Users <linux-greek-users at hellug.gr>
Sent: 04 June 1999 22:40
Subject: patch for DoS attack
>
> kserw kserw:) den eimaste bugtraq,
> apla epeidi einai sxetika mikro to patch skeftika oti tha itan kali idea
> na to kanw post edw.
>
> Simfwna me ton Cox, lunei to provlima twn teleutewn
> DoS attacks stous 2.2.x pirines:
>
> --- ../linux.vanilla/net/ipv4/ip_options.c Wed May 12 16:49:38 1999
> +++ net/ipv4/ip_options.c Tue Jun 1 22:11:46 1999
> @@ -452,7 +452,6 @@
> error:
> if (skb) {
> icmp_send(skb, ICMP_PARAMETERPROB, 0,
> htonl((pp_ptr-iph)<<24));
> - kfree_skb(skb);
> }
> return -EINVAL;
> }
>
>
> --
> ====================================================================
> Gia boithia (h na diagrafhte) e-mail sto majordomo at hellug.gr
> Ta archives tis listas einai sto http://lists.hellug.gr/archives
> prin steilete kapoia erothsh psakte mipos exei hdh apanththei.
> Gia opoiodipote problima stilte e-mail ston
owner-linux-greek-users at hellug.gr
> ====================================================================
>
--
====================================================================
Gia boithia (h na diagrafhte) e-mail sto majordomo at hellug.gr
Ta archives tis listas einai sto http://lists.hellug.gr/archives
prin steilete kapoia erothsh psakte mipos exei hdh apanththei.
Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users at hellug.gr
====================================================================
More information about the Linux-greek-users
mailing list