Author: horms
Date: Thu Feb 2 12:02:58 2006
New Revision: 5687
Modified: patch-tracking/CVE-2002-0704
Log: Further analysis -> ignore indefinitely
Modified: patch-tracking/CVE-2002-0704 ============================================================================== --- patch-tracking/CVE-2002-0704 (original) +++ patch-tracking/CVE-2002-0704 Thu Feb 2 12:02:58 2006 
@@ -18,14 +18,35 @@ http://archives.mandrivalinux.com/security-announce/2002-02/msg00025.html . dannf> We plan to "fix" this by recommending the workaround as well. + horms> I believe that this problem was fixed as part of the following + horms> patch that was incuded in 2.6.11 + horms> http://www.kernel.org/git/?p=linux/kernel/git/tglx/history.git;a=commitdiff;h=1e69ba3fa29b13fe5229d6e325aee91ae5abe298 + horms> However I believe a related bug was introduced by the following + horms> patch, also included in 2.6.11 + horms> http://www.kernel.org/git/?p=linux/kernel/git/tglx/history.git;a=commitdiff;h=8d5f3377d48c74df38990688f09e773887ba4eb5 + horms> This new bugs allows discloser of the IP address of intermedate + horms> hops between the NATing box and the NAT'd box. + horms> This is easily demonstrated using tcptraceroute + horms> 1 10.0.1.7 61.524 ms 93.081 ms 22.982 ms + horms> 2 192.168.1.254 72.099 ms 66.899 ms 67.599 ms + horms> 3 10.0.1.7 [open] 67.188 ms 105.974 ms 104.873 ms + horms> I also believe that pretty much all kernels disclose + horms> enough information to work out if DNAT is in use or not. 
+ horms> I wrote a long mail about this to netfilter-devel and will + horms> put a link here when it shows up + horms> In the mean time: (Message-ID: <[EMAIL PROTECTED]>) + horms> Given this seems to be an ongoing suite of problems, with little + horms> hope of a final solution, I'm marking it as ignore for all + horms> woody and sarge kernels, many of which i have reproduced the + horms> problem on allong with upstream's 2.4 (~2.4.33-pre1) Bugs: -upstream: -linux-2.6: -2.6.8-sarge-security: -2.4.27-sarge-security: -2.4.19-woody-security: -2.4.18-woody-security: -2.4.17-woody-security: -2.4.16-woody-security: -2.4.17-woody-security-hppa: -2.4.17-woody-security-ia64: +upstream: fixed (2.6.11) +linux-2.6: N/A +2.6.8-sarge-security: ignore (2.6.8-16sarge2) +2.4.27-sarge-security: ignore (2.4.27-10sarge2) +2.4.19-woody-security: ignore (2.4.19-4.woody3) +2.4.18-woody-security: ignore (2.4.18-14.4) +2.4.17-woody-security: ignore (2.4.17-1woody4) +2.4.16-woody-security: ignore (2.4.16-1woody3) +2.4.17-woody-security-hppa: ignore (2.4.17-hppa_32.5) +2.4.17-woody-security-ia64: ignore (2.4.17-ia64_011226.18) _______________________________________________ Kernel-svn-changes mailing list [email protected] http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes
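Review bot: In the status block, "upstream: fixed (2.6.11)" reads as a clean fix, but the notes added above it say a related bug was introduced by another patch also included in 2.6.11 and that pretty much all kernels disclose enough information to tell whether DNAT is in use. Suggest qualifying that line, for example by noting that only the original issue is fixed, and tracking the intermediate-hop disclosure as its own entry so it is not lost under a set of "ignore" statuses. The netfilter-devel pointer carries no usable Message-ID, so the promised archive link should replace it once it shows up. The tcptraceroute output would also be easier to reproduce with the command line and the topology (which address is the NATing box and which the NAT'd box) stated next to it.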

