Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security VulnWatch
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Linux kernel scm_send local DoS

from [even multiplexed] Network Security [Permanent Link]
Subject: Re: Linux kernel scm_send local DoS
Date: Wed, 15 Dec 2004 13:52:22 +0100 
Paul Starzetz wrote:

On Wed, 15 Dec 2004, even multiplexed wrote:



attention.i just wanted to ask if anyone has a tip for me how to quickfix this bug, without actually rebuilding a patched version of the kernel.



I don't think this is practicable, since the bugs reside in deep kernel functions. You can not fix it just by disabling a particular syscall. You have patch a running kernel binary, maybe someone comes up with this kind of utlility.



well, i was also examining the igmp exploit you posted earlier, that one was relatively easy to disable, by setting the following sysctl vars:

net.ipv4.igmp_max_msf = 0
net.ipv4.igmp_max_memberships = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1

since i dont really need igmp support on that server=)

its just that scm_send thing, that i didnt find any config option for...
so i guess that means either waiting till someone of the kernel maintainers release a patch, or get one of my friends, that is better on programming tasks, to fix that one...
all at all makes for quite a risky day for a shell provider...

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Linux kernel IGMP vulnerabilities, Paul Starzetz
Next by Date:  Re: Linux kernel IGMP vulnerabilities, stephen joseph butler
Previous by Thread:  Re: Linux kernel scm_send local DoS, Paul Starzetz
Next by Thread:  Re: [Full-Disclosure] Re: Linux kernel scm_send local DoS, Valdis . Kletnieks
Indexes:  [Date] [Thread] [Top] [All Lists]