Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security VulnWatch
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Full-Disclosure] Re: Linux kernel IGMP vulnerabilities

from [Timothy Hall] Network Security [Permanent Link]
Subject: [Full-Disclosure] Re: Linux kernel IGMP vulnerabilities
Date: Wed, 15 Dec 2004 16:02:10 -0500 
Greetings Paul and Stephen and List...

Paul thanks for clearing that up.  SuSE 9.0 Pro (at least the way two
boxes I take care of are set up) have
/proc/net/igmp
/proc/net/mcfilter
but 'mcfilter' is empty.  
No local users other than myself...  At least that I can tell...  :)



TîMöTH¥ Hª££



Paul Starzetz <ihaquer@isec.pl> 12/15/04 07:34AM >>>

On Tue, 14 Dec 2004, stephen joseph butler wrote:


/proc/net/igmp
/proc/net/mcfilter

if both exist and are non-empty you are vulnerable!


Just to be clear: if "mcfilter" is empty, then you aren't

vulnerable?

I have both files, and "igmp" contains data, but "mcfilter" is

empty.

You are not vulnerable to the remote attack described under (3),
however 
your kernel may be still buggy. Note that you need a running process
that 
has manipulated its multicast socket filters. If your kernel is buggy
and 
you have local users such an application can always appear, at a time
you 
don't expect it.

-- 
Paul Starzetz
iSEC Security Research
http://isec.pl/ 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [Full-Disclosure] Re: Linux kernel IGMP vulnerabilities, Timothy Hall <=
Previous by Date:  [VulnWatch] Veritas BackupExec Agent vulnerability, Brad Zimmerman
Next by Date:  [Full-Disclosure] Secunia Research: My Firewall Plus Privilege Escalation Vulnerability, Carsten H. Eiram
Previous by Thread:  [VulnWatch] Veritas BackupExec Agent vulnerability, Brad Zimmerman
Next by Thread:  [Full-Disclosure] Secunia Research: My Firewall Plus Privilege Escalation Vulnerability, Carsten H. Eiram
Indexes:  [Date] [Thread] [Top] [All Lists]