Bugtraq: Re: Local user can send forged packets

Bugtraq mailing list archives

Re: Local user can send forged packets

From: solar () FALSE COM (Solar Designer)
Date: Wed, 27 Oct 1999 18:22:13 +0400


Several daemons drop privilege, you stop them restoring the state and thus
expose a new exciting hole. Just copy the 2.2 fix - stop the ldisc open, that
enforces what you need.


I've done that for 2.0.38-ow4, which also includes some ELF loader
fixes for issues (DoS) found by Pavel Kankovsky, and a few more.

Signed,
Solar Designer

By Date By Thread

Current thread:

Local user can send forged packets Marc SCHAEFER (Oct 22)
- Re: Local user can send forged packets Pavel Kankovsky (Oct 23)
  - IBM AIX Packet Filter module Brumbles (Oct 25)
    - Re: IBM AIX Packet Filter module Troy A. Bollinger (Oct 26)
    - Re: IBM AIX Packet Filter module (followup) Brumbles (Oct 27)
  - Re: Local user can send forged packets Alan Cox (Oct 25)
    - Re: Local user can send forged packets Solar Designer (Oct 27)
- SuSE Security Announcement - ypserv Marc Heuse (Oct 24)
- password leak in IBM WebSphere / HTTP Server / ikeyman Major Malfunction (Oct 24)