Το "Πιθανό DoS Attack" επιβεβαιώθηκε

Sakis Kanaris kanaris at freemail.gr
Tue Apr 4 01:22:51 EEST 2000


Πριν από περίπου ένα μήνα είχα "ενοχλήσει" την λίστα με ένα post για την
πιθανότητα ενός DoS attack σε kernels 2.2.x.
H BUGTRAQ σήμερα επιβεβαίωσε το... bug:

1. Multiple Linux Vendor Domain Socket Denial of Service Vulnerability
BugTraq ID: 1072
Remote: No
Date Published: 2000-03-23
Relevant URL:
http://www.securityfocus.com/bid/1072
Summary:

A denial of service exists in Linux kernels, as related to Unix domain
sockets ignoring limits as set in /proc/sys/net/core/wmem_max. By creating
successive Unix domain sockets, it is possible to cause a denial of
service in some versions of the Linux kernel. Versions 2.2.12, 2.2.14, and
2.3.99-pre2 have all been confirmed as being vulnerable. Previous kernel
versions are most likely vulnerable.

--
Κανάρης Αθανάσιος
kanaris at freemail.gr



--
linux-greek-users mailing list -- http://lists.hellug.gr




More information about the Linux-greek-users mailing list