Network Security: Detailed info on Re: Linux kernel IGMP vulnerabilities

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security VulnWatch

[Top] [All Lists]

Re: Linux kernel IGMP vulnerabilities

from [Paul Starzetz] Network Security

[Permanent Link]

Subject:	Re: Linux kernel IGMP vulnerabilities
Date:	Wed, 15 Dec 2004 13:34:33 +0100 (CET)

On Tue, 14 Dec 2004, stephen joseph butler wrote:

/proc/net/igmp
/proc/net/mcfilter

if both exist and are non-empty you are vulnerable!


Just to be clear: if "mcfilter" is empty, then you aren't vulnerable?
I have both files, and "igmp" contains data, but "mcfilter" is empty.


You are not vulnerable to the remote attack described under (3), however 
your kernel may be still buggy. Note that you need a running process that 
has manipulated its multicast socket filters. If your kernel is buggy and 
you have local users such an application can always appear, at a time you 
don't expect it.

-- 
Paul Starzetz
iSEC Security Research
http://isec.pl/

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Linux kernel IGMP vulnerabilities, Paul Starzetz Re: Linux kernel IGMP vulnerabilities, Pekka Savola Re: Linux kernel IGMP vulnerabilities, stephen joseph butler Re: Linux kernel IGMP vulnerabilities, Paul Starzetz <=

Previous by Date:	Re: Linux kernel scm_send local DoS, Paul Starzetz
Next by Date:	Re: Linux kernel scm_send local DoS, even multiplexed
Previous by Thread:	Re: Linux kernel IGMP vulnerabilities, stephen joseph butler
Next by Thread:	Linux kernel scm_send local DoS, Paul Starzetz
Indexes:	[Date] [Thread] [Top] [All Lists]