Hi all, I''ve just come across this new vulnerabilty for 2.6 kernels: http://lwn.net/Articles/91914/ I''m wondering whether a 2.6-based shorewall firewall may be affected; my guess is YES. Corrado
Tom Eastep
2004-Jul-02 13:41 UTC
Re: Heads up: iptables remote vulnerability for kernel 2.6
Corrado wrote:> Hi all, > > I''ve just come across this new vulnerabilty for 2.6 kernels: > > http://lwn.net/Articles/91914/ > > I''m wondering whether a 2.6-based shorewall firewall may be affected; my > guess is YES. >The answer is NO -- Shorewall doesn''t use tcp option checking. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ teastep@shorewall.net