Agreed.
>It is nearly impossible for a TCP frag handling exploit
>to allow a root shell and socket to that shell to be
>created. So I think the claims are total nonsense.
The last mail on that thread is interesting[*], fooling the victim into
running a vulnerable version of tcpdump by claiming a vulnerability in
TCP.
[*] http://online.securityfocus.com/archive/1/295855/2002-10-15/2002-10-21/2
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/