Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Linux
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: CAN-2004-1137

from [xyberpix] Network Security [Permanent Link]
Subject: Re: CAN-2004-1137
Date: Thu, 30 Dec 2004 17:59:04 +0000 
Hi hilton,

I have to ask, what kernel are you running, and what version of Slack?

xyberpix

On Thu, 2004-12-30 at 12:08 +1000, hilton de meillon wrote:

Hi All,

Can anyone tell me why not many distros have an update for the CAN-2004-1137
(among other kernel vulnerabilities) yet ?. 

Ubuntu, Redhat, SuSe have updated kernels but pretty much all the rest do
not have an updated kernel for this issue. 

Secondly would 'iptables -A INPUT -p IGMP -j REJECT' protect my machine from
remote attacks ?.

I tried this rule and then ran the proof of concept exploit from
http://www.securityfocus.com/bid/11917/solution/ and it still crashed my
(slackware) machine. I am assuming that it connects over a unix socket or
exploits one of the non-networked vulnerabilities as according to secfocus
there are three actual vulnerabilities contained in this vulnerability.

Lastly I would have to say that this is a bit of a shocker for the linux
community, this vulnerability could be used with devastating effect, I am a
bit disappointed with linux in this regard.

Any comments appreciated.

hilton



-- 
For Security and Open Source news and tips visit:

http://www.xyberpix.com

Attachment: signature.asc
Description: This is a digitally signed message part

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  CAN-2004-1137, hilton de meillon
Next by Date:  RE: CAN-2004-1137, hilton de meillon
Previous by Thread:  CAN-2004-1137, hilton de meillon
Next by Thread:  RE: CAN-2004-1137, hilton de meillon
Indexes:  [Date] [Thread] [Top] [All Lists]