[plug] local DoS with ping -R

Anthony J. Breeds-Taurima tony at cantech.net.au
Mon Dec 13 11:50:55 WST 1999


On Mon, 13 Dec 1999, Christian wrote:

> On Mon, 13 Dec 1999, Matt Kemner wrote:
> 
> > On Mon, 13 Dec 1999, Anthony J. Breeds-Taurima wrote:
> > 
> > So can you ping -s 65468 -R ?
> > (WARNING, this will kill the machine if you're running 2.0)
> 
> hobbes:~$ ping -s 65468 -R 10.1.1.10
> ping: Operation not permitted
> hobbes:~$ uname -a
> Linux hobbes 2.0.36 #2 Sun Feb 21 15:55:27 EST 1999 i586 unknown
> 
> Therefore Debian 2.1 (possibly 2.0?) is not vulnerable to this.  Matt,
> maybe you could pass this on to BUGTRAQ if it hasn't already been
> stated. (I'm a bit behind with my BUGTRAQ reading lately...)

This means you can't atack someone from 2.1, without hacking ping.c
It doesn't mean you can't be attacked by someone (... well you're obviously
behind a f/w so that doesn't count)  BUT if you're box had a real IP I recon
you'd be vulnerable


Yours Tony.



More information about the plug mailing list