[security-alerts] Linux remote DoS info

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> ------------------------------
> 
> Message: 3
> Date: Tue, 7 Feb 2006 11:39:36 -0600
> From: H D Moore <hdm-daily-dave@xxxxxxxxxxxxxxxxxx>
> Subject: [Dailydave] Fun with Linux (2.6.12 -> 2.6.15.2)
> To: dailydave@xxxxxxxxxxxxxxxxxxxxx
> Message-ID: <200602071139.36310.hdm-daily-dave@xxxxxxxxxxxxxxxxxx>
> Content-Type: text/plain;  charset="us-ascii"
> 
> A fun remote DoS was fixed today. The bug occurs when the 
> kernel tries to 
> respond to an ICMP packet and the ip_options_echo() function fails. 
> So far, it seems like the two ways to trigger this are via 
> record-route 
> and timestamp IP options that have needaddr bit set and a truncated 
> value. The easy fix is to block ICMP until you upgrade your kernels...
> 
> http://www.kernel.org/diff/diffview.cgi?file=%2Fpub%2Flinux%2F
kernel%2Fv2.6%2Fpatch-2.6.15.3.bz2;z=27
> 
> Add the recent FreeBSD SACK bug, the various Windows driver 
> bugs, and some 
> magic OS X 0day and you can keep your entire local network staring at 
> crash dump screens indefinitely...
> 
> -HD
> 
> 
> ------------------------------
> 
> _______________________________________________
> Dailydave mailing list
> Dailydave@xxxxxxxxxxxxxxxxxxxxx
> http://lists.immunitysec.com/mailman/listinfo/dailydave
> 
> 
> End of Dailydave Digest, Vol 7, Issue 7
> ***************************************
>