It fixed long time ago on kernel 2.0.38
Hetz
Omer wrote:
>
> This was posted to BugTraq today, and it seemed
> important enough to pass on (even though if you are
> a sysadmin and do not regularly read BT, you might
> deserve what you get).
>
> It's what I'd call a HUGE problem, not
> merely a big problem (unless of course you have
> no local users). In any case, I'd chmod u-s /bin/ping
> immediatly, and be careful not to ping as root (if
> you're not sure you're up to it, better make it
> chmod 000 /bin/ping :)
>
> Message to BT follows...
>
>
>----------------------------------------------------------------------------------------
>
> Eduardo Cruz wrote:
>
> Hello ppl.
>
>
> Last week i was playing with my old linux 2.0.36 i486 box, while i was
> playing with the command ping and trying combinations of commands
> i found that when u do a ping -s 65468 -R ANYIPADDRESS ( -R record
> route) the system starts to print on the screen kernel dumps
> , freezes complitely and after few secconds the system reboots.
>
> The major problem with this (if this is a bug, because i dont have time
> to install differents kernels and test it better) is that command can be
> run by everyone
> because you dont need root permissions to make a -R.
>
> I tested this on a 2.0.35 and .36 (both slackware), when u try to do this
> on a 2.2.x the system prints out "message too long".
> I think the problem is that there is a size-check missed when u reach the
> maximun packet size and u put the route information, but anyway
> i am not a guru on kernels.
>
> So, now is time for the kernel experts :)
>
> ---------------------------------------------------------------------------
> Eduardo Cruz - [EMAIL PROTECTED]
> Network Administrator
> Telecomm Solutions Group
> Tel: +350 74146 Fax: +350 41781
> ---------------------------------------------------------------
>
> --
> /--------------- Omer Efraim, [EMAIL PROTECTED] ------------------\
> [ Microsoft Vaccine 2000 is configuring your immune system. This may ]
> [ take a few minutes. If your body stops responding for a long time and ]
> [ there is no brain activity please die. Setup will continue after you ]
> [ are reborn. ]
> \-----------------------------------------------------------------------/
> - Quoting Buzh, asr
>
> =================================================================
> To unsubscribe, send mail to [EMAIL PROTECTED] with
> the word "unsubscribe" in the message body, e.g., run the command
> echo unsubscribe | mail [EMAIL PROTECTED]
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
