[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FreeBSD 2.2.5R - FreeBSD Current "SMURF" Vulnerability

To: BUGTRAQ@NETSPACE.ORG
Subject: Re: FreeBSD 2.2.5R - FreeBSD Current "SMURF" Vulnerability
From: David Greenman <dg@root.com>
Date: Thu, 28 May 1998 18:03:16 -0700
Approved-By: aleph1@NATIONWIDE.NET
In-Reply-To: Your message of "Wed, 27 May 1998 13:58:09 EDT." <Pine.A32.3.93.980527135357.6756B-100000@tequesta.gate.net>
Reply-To: dg@root.com
Sender: Bugtraq List <BUGTRAQ@NETSPACE.ORG>

>I opened PR kern/5294 against 2.2.5R and provided a patch for this problem
>in December, currently the PR is 'suspended, awaiting committer'.  See

   For whatever reason, I didn't see that PR when it was filed. Apparantly
Garrett didn't see it either, since when I brought up the issue with him,
that was the first he'd heard of it. My apologies that the bug went unfixed
for so long - you should have been more persistent. :-)
   As it turns out, the proper fix is to not check the multicast address. The
check for the MCAST/BCAST flags is quite sufficient.

-DG

David Greenman
Co-founder/Principal Architect, The FreeBSD Project

References:
- Re: FreeBSD 2.2.5R - FreeBSD Current "SMURF" Vulnerability
  - From: Joe Traister <traister@GATE.NET>

Prev by Date: Re: Problem with ascend pipeline routers.
Next by Date: Ascend Pipeline DoS
Prev by thread: Re: FreeBSD 2.2.5R - FreeBSD Current "SMURF" Vulnerability
Next by thread: IRIX 6.3 NetWare Client 1.0 Vulnerabilities
Index(es):
- Date
- Thread