Re: CERT Advisory CA-97.28 - Teardrop_Land

Alan Cox (alan@LXORGUK.UKUU.ORG.UK)
Wed, 17 Dec 1997 01:26:45 +0000

> > Red Hat Software
> > ================
> >
> > Topic 1 - Teardrop
> >
> > Linux is not vulnerable.
>
> It's well known that versions of Linux prior to publishing of the
> teardrop attack *were* vulnerable. The above borders on an outright
> lie.

I've already moaned. The correct answer is:

Linux

2.0.31 and earlier are vulnerable to teardrop.
2.0.32 and above are not.

Red Hat 5.0 ships with a 2.0.31+patches that is not vulnerable. RH5.0
update for the 2.0.32 kernel is on ftp.redhat.com.

Update kernel and/or apply the patch to the existing kernel if you wish
to remain running an older kernel for reasons such as compliance testing.

I _hope_ someone in RH or CERT merely got teardrop and land muddled up.

Alan