Author: jmm-guest Date: 2005-04-21 08:26:30 +0000 (Thu, 21 Apr 2005) New Revision: 878 Modified: sarge-checks/CAN/list Log: Checked the ICMP attack scenarios on TCP. Modified: sarge-checks/CAN/list ==================================================================--- sarge-checks/CAN/list 2005-04-21 01:16:53 UTC (rev 877) +++ sarge-checks/CAN/list 2005-04-21 08:26:30 UTC (rev 878) @@ -4541,7 +4541,7 @@ CAN-2004-1061 (Cross-site scripting (XSS) vulnerability in unknown versions of ...) - bugzilla 2.16.7-2 CAN-2004-1060 (Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) ...) - NOTE: not-for-us (Novell Netware) + NOTE: Linux kernel verifies TCP sequence numbers on ICMP errors CAN-2004-1059 (Multiple cross-site scripting (XSS) vulnerabilities in mnoGoSearch ...) - mnogosearch 3.2.18-2.2 CAN-2004-1058 (Race condition in Linux kernel 2.6 allows local users to read the ...) @@ -5199,9 +5199,11 @@ CAN-2004-0792 (Directory traversal vulnerability in the sanitize_path function in ...) - rsync 2.6.3 CAN-2004-0791 (Multiple TCP/IP and ICMP implementations allow remote attackers to ...) - TODO: check + NOTE: All 2.4 and 2.6 kernels verify the TCP sequence numbering when errors occur + NOTE: Kernel will never abort due to an ICMP packet CAN-2004-0790 (Multiple TCP/IP and ICMP implementations allow remote attackers to ...) - TODO: check + - kernel-source-2.6.8 (unfixed; bug filed) + - kernel-source-2.4.27 (unfixed; bug filed) CAN-2004-0789 NOTE: reserved CAN-2004-0788 (Integer overflow in the ICO image decoder for (1) gdk-pixbuf before ...)