Re: Kernel 2.4.21 Forwarding table vulnerability
On Mon, Jul 28, 2003 at 11:38:51AM -0700, Bruce Banner wrote: > When were they patched? And how do I know when they > are patched and when they are available? Is there > somewhere I can find this info? You could subscribe to debian-changes@lists.debian.org See http://lists.debian.org/debian-changes/ Marcin PS: please reply _below_ the citation and cut unneeded text. -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216
Re: Kernel 2.4.21 Forwarding table vulnerability
On Mon, Jul 28, 2003 at 11:38:51AM -0700, Bruce Banner wrote: > When were they patched? And how do I know when they > are patched and when they are available? Is there > somewhere I can find this info? You could subscribe to [EMAIL PROTECTED] See http://lists.debian.org/debian-changes/ Marcin PS: please reply _below_ the citation and cut unneeded text. -- Marcin Owsiany <[EMAIL PROTECTED]> http://marcin.owsiany.pl/ GnuPG: 1024D/60F41216 FE67 DA2D 0ACA FC5E 3F75 D6F6 3A0D 8AA0 60F4 1216 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
Thanks for the info. I don't like depending on Red Hat for security fixes. I want to rely on Debian for this kind of stuff I just didn't know where to find it. Thanks --- Ulrich Scholler <[EMAIL PROTECTED]> wrote: > Hi Bruce, > > On Mon Jul 28, 2003 at 11:38:51 -0700, Bruce Banner > wrote: > > When were they patched? And how do I know when > they > > are patched and when they are available? Is there > > somewhere I can find this info? I found the Red > Hat > > info on Bugtraq but there was no mention of Debian > > Source anywhere. > > You can go to http://packages.qa.debian.org/, search > for a package of > your choice (for instance kernel-source-2.4.20) and > check the "Latest > News". These contain a brief description of the > changes in a package, > in the same format as in > /usr/share/doc//changelog.Debian.gz. > > regards, > > uLI > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Re: Kernel 2.4.21 Forwarding table vulnerability
Hi Bruce, On Mon Jul 28, 2003 at 11:38:51 -0700, Bruce Banner wrote: > When were they patched? And how do I know when they > are patched and when they are available? Is there > somewhere I can find this info? I found the Red Hat > info on Bugtraq but there was no mention of Debian > Source anywhere. You can go to http://packages.qa.debian.org/, search for a package of your choice (for instance kernel-source-2.4.20) and check the "Latest News". These contain a brief description of the changes in a package, in the same format as in /usr/share/doc//changelog.Debian.gz. regards, uLI
Re: Kernel 2.4.21 Forwarding table vulnerability
When were they patched? And how do I know when they are patched and when they are available? Is there somewhere I can find this info? I found the Red Hat info on Bugtraq but there was no mention of Debian Source anywhere. Thanks --- Matthijs Mohlmann <[EMAIL PROTECTED]> wrote: > Why download the source from RedHat? The source from > debian is also > patched with needed patches. > > apt-get install kernel-source > > On Mon, 2003-07-28 at 19:05, Bruce Banner wrote: > > You can download Red Hats > > kernel-source-2.4.20-19.9.i386.rpm run alien > against > > it and install the dpkg'ed kernel-source.deb. I > have > > been forced to do this in the past to get patches > that > > havn't been released or in the main stream kernel > from > > kernel.org yet. > > > > > > Peace > > --- Phillip Hofmeister <[EMAIL PROTECTED]> > wrote: > > > If I do use bridging...is there a patch? > > > > > > What is the consequences of an unpatched system? > (In > > > more detail than > > > below) > > > > > > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert > Xu > > > wrote: > > > > Florian Weimer <[EMAIL PROTECTED]> wrote: > > > > > Bruce Banner <[EMAIL PROTECTED]> > writes: > > > > > > > > > >> CAN-2003-0552: Jerry Kreuscher discovered > that > > > the Forwarding table > > > > >> could be spoofed by sending forged packets > with > > > bogus source > > > > >> addresses the same as the local host. > > > > > > > > > > Ah, this one. I don't even know if it's > about > > > IP. > > > > > > > > > > As usual, Red Hat's advisory is a joke. > *sigh* > > > > > > > > If you don't use bridging then it doesn't > affect > > > you. > > > > -- > > > > Debian GNU/Linux 3.0 is out! ( > > > http://www.debian.org/ ) > > > > Email: Herbert Xu ~{PmV>HI~} > > > <[EMAIL PROTECTED]> > > > > Home Page: > http://gondor.apana.org.au/~herbert/ > > > > PGP Key: > > > http://gondor.apana.org.au/~herbert/pubkey.txt > > > > > > > > > > > > > > > > > > -- > > > Phillip Hofmeister > > > > > > PGP/GPG Key: > > > http://www.zionlth.org/~plhofmei/ > > > wget -O - > http://www.zionlth.org/~plhofmei/key.txt | > > > gpg --import > > > -- > > > Excuse #20: Monitor resolution too high > > > > > > > > > -- > > > To UNSUBSCRIBE, email to > > > [EMAIL PROTECTED] > > > with a subject of "unsubscribe". Trouble? > Contact > > > [EMAIL PROTECTED] > > > > > > > > > __ > > Do you Yahoo!? > > Yahoo! SiteBuilder - Free, easy-to-use web site > design software > > http://sitebuilder.yahoo.com > > > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Re: Kernel 2.4.21 Forwarding table vulnerability
Thanks for the info. I don't like depending on Red Hat for security fixes. I want to rely on Debian for this kind of stuff I just didn't know where to find it. Thanks --- Ulrich Scholler <[EMAIL PROTECTED]> wrote: > Hi Bruce, > > On Mon Jul 28, 2003 at 11:38:51 -0700, Bruce Banner > wrote: > > When were they patched? And how do I know when > they > > are patched and when they are available? Is there > > somewhere I can find this info? I found the Red > Hat > > info on Bugtraq but there was no mention of Debian > > Source anywhere. > > You can go to http://packages.qa.debian.org/, search > for a package of > your choice (for instance kernel-source-2.4.20) and > check the "Latest > News". These contain a brief description of the > changes in a package, > in the same format as in > /usr/share/doc//changelog.Debian.gz. > > regards, > > uLI > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
Hi Bruce, On Mon Jul 28, 2003 at 11:38:51 -0700, Bruce Banner wrote: > When were they patched? And how do I know when they > are patched and when they are available? Is there > somewhere I can find this info? I found the Red Hat > info on Bugtraq but there was no mention of Debian > Source anywhere. You can go to http://packages.qa.debian.org/, search for a package of your choice (for instance kernel-source-2.4.20) and check the "Latest News". These contain a brief description of the changes in a package, in the same format as in /usr/share/doc//changelog.Debian.gz. regards, uLI -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
Why download the source from RedHat? The source from debian is also patched with needed patches. apt-get install kernel-source On Mon, 2003-07-28 at 19:05, Bruce Banner wrote: > You can download Red Hats > kernel-source-2.4.20-19.9.i386.rpm run alien against > it and install the dpkg'ed kernel-source.deb. I have > been forced to do this in the past to get patches that > havn't been released or in the main stream kernel from > kernel.org yet. > > > Peace > --- Phillip Hofmeister <[EMAIL PROTECTED]> wrote: > > If I do use bridging...is there a patch? > > > > What is the consequences of an unpatched system? (In > > more detail than > > below) > > > > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu > > wrote: > > > Florian Weimer <[EMAIL PROTECTED]> wrote: > > > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > > > > > >> CAN-2003-0552: Jerry Kreuscher discovered that > > the Forwarding table > > > >> could be spoofed by sending forged packets with > > bogus source > > > >> addresses the same as the local host. > > > > > > > > Ah, this one. I don't even know if it's about > > IP. > > > > > > > > As usual, Red Hat's advisory is a joke. *sigh* > > > > > > If you don't use bridging then it doesn't affect > > you. > > > -- > > > Debian GNU/Linux 3.0 is out! ( > > http://www.debian.org/ ) > > > Email: Herbert Xu ~{PmV>HI~} > > <[EMAIL PROTECTED]> > > > Home Page: http://gondor.apana.org.au/~herbert/ > > > PGP Key: > > http://gondor.apana.org.au/~herbert/pubkey.txt > > > > > > > > > > > > > -- > > Phillip Hofmeister > > > > PGP/GPG Key: > > http://www.zionlth.org/~plhofmei/ > > wget -O - http://www.zionlth.org/~plhofmei/key.txt | > > gpg --import > > -- > > Excuse #20: Monitor resolution too high > > > > > > -- > > To UNSUBSCRIBE, email to > > [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > > [EMAIL PROTECTED] > > > > > __ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software > http://sitebuilder.yahoo.com >
Re: Kernel 2.4.21 Forwarding table vulnerability
You can download Red Hats kernel-source-2.4.20-19.9.i386.rpm run alien against it and install the dpkg'ed kernel-source.deb. I have been forced to do this in the past to get patches that havn't been released or in the main stream kernel from kernel.org yet. Peace --- Phillip Hofmeister <[EMAIL PROTECTED]> wrote: > If I do use bridging...is there a patch? > > What is the consequences of an unpatched system? (In > more detail than > below) > > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu > wrote: > > Florian Weimer <[EMAIL PROTECTED]> wrote: > > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > > > >> CAN-2003-0552: Jerry Kreuscher discovered that > the Forwarding table > > >> could be spoofed by sending forged packets with > bogus source > > >> addresses the same as the local host. > > > > > > Ah, this one. I don't even know if it's about > IP. > > > > > > As usual, Red Hat's advisory is a joke. *sigh* > > > > If you don't use bridging then it doesn't affect > you. > > -- > > Debian GNU/Linux 3.0 is out! ( > http://www.debian.org/ ) > > Email: Herbert Xu ~{PmV>HI~} > <[EMAIL PROTECTED]> > > Home Page: http://gondor.apana.org.au/~herbert/ > > PGP Key: > http://gondor.apana.org.au/~herbert/pubkey.txt > > > > > > > > -- > Phillip Hofmeister > > PGP/GPG Key: > http://www.zionlth.org/~plhofmei/ > wget -O - http://www.zionlth.org/~plhofmei/key.txt | > gpg --import > -- > Excuse #20: Monitor resolution too high > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Re: Kernel 2.4.21 Forwarding table vulnerability
When were they patched? And how do I know when they are patched and when they are available? Is there somewhere I can find this info? I found the Red Hat info on Bugtraq but there was no mention of Debian Source anywhere. Thanks --- Matthijs Mohlmann <[EMAIL PROTECTED]> wrote: > Why download the source from RedHat? The source from > debian is also > patched with needed patches. > > apt-get install kernel-source > > On Mon, 2003-07-28 at 19:05, Bruce Banner wrote: > > You can download Red Hats > > kernel-source-2.4.20-19.9.i386.rpm run alien > against > > it and install the dpkg'ed kernel-source.deb. I > have > > been forced to do this in the past to get patches > that > > havn't been released or in the main stream kernel > from > > kernel.org yet. > > > > > > Peace > > --- Phillip Hofmeister <[EMAIL PROTECTED]> > wrote: > > > If I do use bridging...is there a patch? > > > > > > What is the consequences of an unpatched system? > (In > > > more detail than > > > below) > > > > > > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert > Xu > > > wrote: > > > > Florian Weimer <[EMAIL PROTECTED]> wrote: > > > > > Bruce Banner <[EMAIL PROTECTED]> > writes: > > > > > > > > > >> CAN-2003-0552: Jerry Kreuscher discovered > that > > > the Forwarding table > > > > >> could be spoofed by sending forged packets > with > > > bogus source > > > > >> addresses the same as the local host. > > > > > > > > > > Ah, this one. I don't even know if it's > about > > > IP. > > > > > > > > > > As usual, Red Hat's advisory is a joke. > *sigh* > > > > > > > > If you don't use bridging then it doesn't > affect > > > you. > > > > -- > > > > Debian GNU/Linux 3.0 is out! ( > > > http://www.debian.org/ ) > > > > Email: Herbert Xu ~{PmV>HI~} > > > <[EMAIL PROTECTED]> > > > > Home Page: > http://gondor.apana.org.au/~herbert/ > > > > PGP Key: > > > http://gondor.apana.org.au/~herbert/pubkey.txt > > > > > > > > > > > > > > > > > > -- > > > Phillip Hofmeister > > > > > > PGP/GPG Key: > > > http://www.zionlth.org/~plhofmei/ > > > wget -O - > http://www.zionlth.org/~plhofmei/key.txt | > > > gpg --import > > > -- > > > Excuse #20: Monitor resolution too high > > > > > > > > > -- > > > To UNSUBSCRIBE, email to > > > [EMAIL PROTECTED] > > > with a subject of "unsubscribe". Trouble? > Contact > > > [EMAIL PROTECTED] > > > > > > > > > __ > > Do you Yahoo!? > > Yahoo! SiteBuilder - Free, easy-to-use web site > design software > > http://sitebuilder.yahoo.com > > > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
Herbert Xu <[EMAIL PROTECTED]> writes: >>> CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table >>> could be spoofed by sending forged packets with bogus source >>> addresses the same as the local host. >> >> Ah, this one. I don't even know if it's about IP. >> >> As usual, Red Hat's advisory is a joke. *sigh* > > If you don't use bridging then it doesn't affect you. Do you know where a detailed advisory can be found? Thanks.
Re: Kernel 2.4.21 Forwarding table vulnerability
Why download the source from RedHat? The source from debian is also patched with needed patches. apt-get install kernel-source On Mon, 2003-07-28 at 19:05, Bruce Banner wrote: > You can download Red Hats > kernel-source-2.4.20-19.9.i386.rpm run alien against > it and install the dpkg'ed kernel-source.deb. I have > been forced to do this in the past to get patches that > havn't been released or in the main stream kernel from > kernel.org yet. > > > Peace > --- Phillip Hofmeister <[EMAIL PROTECTED]> wrote: > > If I do use bridging...is there a patch? > > > > What is the consequences of an unpatched system? (In > > more detail than > > below) > > > > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu > > wrote: > > > Florian Weimer <[EMAIL PROTECTED]> wrote: > > > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > > > > > >> CAN-2003-0552: Jerry Kreuscher discovered that > > the Forwarding table > > > >> could be spoofed by sending forged packets with > > bogus source > > > >> addresses the same as the local host. > > > > > > > > Ah, this one. I don't even know if it's about > > IP. > > > > > > > > As usual, Red Hat's advisory is a joke. *sigh* > > > > > > If you don't use bridging then it doesn't affect > > you. > > > -- > > > Debian GNU/Linux 3.0 is out! ( > > http://www.debian.org/ ) > > > Email: Herbert Xu ~{PmV>HI~} > > <[EMAIL PROTECTED]> > > > Home Page: http://gondor.apana.org.au/~herbert/ > > > PGP Key: > > http://gondor.apana.org.au/~herbert/pubkey.txt > > > > > > > > > > > > > -- > > Phillip Hofmeister > > > > PGP/GPG Key: > > http://www.zionlth.org/~plhofmei/ > > wget -O - http://www.zionlth.org/~plhofmei/key.txt | > > gpg --import > > -- > > Excuse #20: Monitor resolution too high > > > > > > -- > > To UNSUBSCRIBE, email to > > [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > > [EMAIL PROTECTED] > > > > > __ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software > http://sitebuilder.yahoo.com > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
You can download Red Hats kernel-source-2.4.20-19.9.i386.rpm run alien against it and install the dpkg'ed kernel-source.deb. I have been forced to do this in the past to get patches that havn't been released or in the main stream kernel from kernel.org yet. Peace --- Phillip Hofmeister <[EMAIL PROTECTED]> wrote: > If I do use bridging...is there a patch? > > What is the consequences of an unpatched system? (In > more detail than > below) > > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu > wrote: > > Florian Weimer <[EMAIL PROTECTED]> wrote: > > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > > > >> CAN-2003-0552: Jerry Kreuscher discovered that > the Forwarding table > > >> could be spoofed by sending forged packets with > bogus source > > >> addresses the same as the local host. > > > > > > Ah, this one. I don't even know if it's about > IP. > > > > > > As usual, Red Hat's advisory is a joke. *sigh* > > > > If you don't use bridging then it doesn't affect > you. > > -- > > Debian GNU/Linux 3.0 is out! ( > http://www.debian.org/ ) > > Email: Herbert Xu ~{PmV>HI~} > <[EMAIL PROTECTED]> > > Home Page: http://gondor.apana.org.au/~herbert/ > > PGP Key: > http://gondor.apana.org.au/~herbert/pubkey.txt > > > > > > > > -- > Phillip Hofmeister > > PGP/GPG Key: > http://www.zionlth.org/~plhofmei/ > wget -O - http://www.zionlth.org/~plhofmei/key.txt | > gpg --import > -- > Excuse #20: Monitor resolution too high > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
Beware there is also a vulnerability in the spanning tree implementation as well so. Peace --- Phillip Hofmeister <[EMAIL PROTECTED]> wrote: > If I do use bridging...is there a patch? > > What is the consequences of an unpatched system? (In > more detail than > below) > > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu > wrote: > > Florian Weimer <[EMAIL PROTECTED]> wrote: > > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > > > >> CAN-2003-0552: Jerry Kreuscher discovered that > the Forwarding table > > >> could be spoofed by sending forged packets with > bogus source > > >> addresses the same as the local host. > > > > > > Ah, this one. I don't even know if it's about > IP. > > > > > > As usual, Red Hat's advisory is a joke. *sigh* > > > > If you don't use bridging then it doesn't affect > you. > > -- > > Debian GNU/Linux 3.0 is out! ( > http://www.debian.org/ ) > > Email: Herbert Xu ~{PmV>HI~} > <[EMAIL PROTECTED]> > > Home Page: http://gondor.apana.org.au/~herbert/ > > PGP Key: > http://gondor.apana.org.au/~herbert/pubkey.txt > > > > > > > > -- > Phillip Hofmeister > > PGP/GPG Key: > http://www.zionlth.org/~plhofmei/ > wget -O - http://www.zionlth.org/~plhofmei/key.txt | > gpg --import > -- > Excuse #20: Monitor resolution too high > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Re: Kernel 2.4.21 Forwarding table vulnerability
Herbert Xu <[EMAIL PROTECTED]> writes: >>> CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table >>> could be spoofed by sending forged packets with bogus source >>> addresses the same as the local host. >> >> Ah, this one. I don't even know if it's about IP. >> >> As usual, Red Hat's advisory is a joke. *sigh* > > If you don't use bridging then it doesn't affect you. Do you know where a detailed advisory can be found? Thanks. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
If I do use bridging...is there a patch? What is the consequences of an unpatched system? (In more detail than below) On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu wrote: > Florian Weimer <[EMAIL PROTECTED]> wrote: > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > >> CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table > >> could be spoofed by sending forged packets with bogus source > >> addresses the same as the local host. > > > > Ah, this one. I don't even know if it's about IP. > > > > As usual, Red Hat's advisory is a joke. *sigh* > > If you don't use bridging then it doesn't affect you. > -- > Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ ) > Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt > > > -- Phillip Hofmeister PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import -- Excuse #20: Monitor resolution too high
Re: Kernel 2.4.21 Forwarding table vulnerability
Beware there is also a vulnerability in the spanning tree implementation as well so. Peace --- Phillip Hofmeister <[EMAIL PROTECTED]> wrote: > If I do use bridging...is there a patch? > > What is the consequences of an unpatched system? (In > more detail than > below) > > On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu > wrote: > > Florian Weimer <[EMAIL PROTECTED]> wrote: > > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > > > >> CAN-2003-0552: Jerry Kreuscher discovered that > the Forwarding table > > >> could be spoofed by sending forged packets with > bogus source > > >> addresses the same as the local host. > > > > > > Ah, this one. I don't even know if it's about > IP. > > > > > > As usual, Red Hat's advisory is a joke. *sigh* > > > > If you don't use bridging then it doesn't affect > you. > > -- > > Debian GNU/Linux 3.0 is out! ( > http://www.debian.org/ ) > > Email: Herbert Xu ~{PmV>HI~} > <[EMAIL PROTECTED]> > > Home Page: http://gondor.apana.org.au/~herbert/ > > PGP Key: > http://gondor.apana.org.au/~herbert/pubkey.txt > > > > > > > > -- > Phillip Hofmeister > > PGP/GPG Key: > http://www.zionlth.org/~plhofmei/ > wget -O - http://www.zionlth.org/~plhofmei/key.txt | > gpg --import > -- > Excuse #20: Monitor resolution too high > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
If I do use bridging...is there a patch? What is the consequences of an unpatched system? (In more detail than below) On Mon, 28 Jul 2003 at 07:39:53PM +1000, Herbert Xu wrote: > Florian Weimer <[EMAIL PROTECTED]> wrote: > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > >> CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table > >> could be spoofed by sending forged packets with bogus source > >> addresses the same as the local host. > > > > Ah, this one. I don't even know if it's about IP. > > > > As usual, Red Hat's advisory is a joke. *sigh* > > If you don't use bridging then it doesn't affect you. > -- > Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ ) > Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt > > > -- Phillip Hofmeister PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import -- Excuse #20: Monitor resolution too high -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
Thanks, --- Herbert Xu <[EMAIL PROTECTED]> wrote: > Florian Weimer <[EMAIL PROTECTED]> wrote: > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > >> CAN-2003-0552: Jerry Kreuscher discovered that > the Forwarding table > >> could be spoofed by sending forged packets with > bogus source > >> addresses the same as the local host. > > > > Ah, this one. I don't even know if it's about IP. > > > > As usual, Red Hat's advisory is a joke. *sigh* > > If you don't use bridging then it doesn't affect > you. > -- > Debian GNU/Linux 3.0 is out! ( > http://www.debian.org/ ) > Email: Herbert Xu ~{PmV>HI~} > <[EMAIL PROTECTED]> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: > http://gondor.apana.org.au/~herbert/pubkey.txt > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Re: Kernel 2.4.21 Forwarding table vulnerability
Florian Weimer <[EMAIL PROTECTED]> wrote: > Bruce Banner <[EMAIL PROTECTED]> writes: > >> CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table >> could be spoofed by sending forged packets with bogus source >> addresses the same as the local host. > > Ah, this one. I don't even know if it's about IP. > > As usual, Red Hat's advisory is a joke. *sigh* If you don't use bridging then it doesn't affect you. -- Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ ) Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: Kernel 2.4.21 Forwarding table vulnerability
Thanks, --- Herbert Xu <[EMAIL PROTECTED]> wrote: > Florian Weimer <[EMAIL PROTECTED]> wrote: > > Bruce Banner <[EMAIL PROTECTED]> writes: > > > >> CAN-2003-0552: Jerry Kreuscher discovered that > the Forwarding table > >> could be spoofed by sending forged packets with > bogus source > >> addresses the same as the local host. > > > > Ah, this one. I don't even know if it's about IP. > > > > As usual, Red Hat's advisory is a joke. *sigh* > > If you don't use bridging then it doesn't affect > you. > -- > Debian GNU/Linux 3.0 is out! ( > http://www.debian.org/ ) > Email: Herbert Xu ~{PmV>HI~} > <[EMAIL PROTECTED]> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: > http://gondor.apana.org.au/~herbert/pubkey.txt > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
Florian Weimer <[EMAIL PROTECTED]> wrote: > Bruce Banner <[EMAIL PROTECTED]> writes: > >> CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table >> could be spoofed by sending forged packets with bogus source >> addresses the same as the local host. > > Ah, this one. I don't even know if it's about IP. > > As usual, Red Hat's advisory is a joke. *sigh* If you don't use bridging then it doesn't affect you. -- Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ ) Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
Bruce Banner <[EMAIL PROTECTED]> writes: > CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table > could be spoofed by sending forged packets with bogus source > addresses the same as the local host. Ah, this one. I don't even know if it's about IP. As usual, Red Hat's advisory is a joke. *sigh*
Re: Kernel 2.4.21 Forwarding table vulnerability
CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table could be spoofed by sending forged packets with bogus source addresses the same as the local host. --- Florian Weimer <[EMAIL PROTECTED]> wrote: > Bruce Banner <[EMAIL PROTECTED]> writes: > > > What impact does the Forwarding Table > Vulnerability of > > late have? > > Which vulnerability are you talking about? Do you > have CVE name for > it? __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com
Re: Kernel 2.4.21 Forwarding table vulnerability
Bruce Banner <[EMAIL PROTECTED]> writes: > What impact does the Forwarding Table Vulnerability of > late have? Which vulnerability are you talking about? Do you have CVE name for it?
Re: Kernel 2.4.21 Forwarding table vulnerability
Bruce Banner <[EMAIL PROTECTED]> writes: > CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table > could be spoofed by sending forged packets with bogus source > addresses the same as the local host. Ah, this one. I don't even know if it's about IP. As usual, Red Hat's advisory is a joke. *sigh* -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table could be spoofed by sending forged packets with bogus source addresses the same as the local host. --- Florian Weimer <[EMAIL PROTECTED]> wrote: > Bruce Banner <[EMAIL PROTECTED]> writes: > > > What impact does the Forwarding Table > Vulnerability of > > late have? > > Which vulnerability are you talking about? Do you > have CVE name for > it? __ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Kernel 2.4.21 Forwarding table vulnerability
Bruce Banner <[EMAIL PROTECTED]> writes: > What impact does the Forwarding Table Vulnerability of > late have? Which vulnerability are you talking about? Do you have CVE name for it? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]