/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ a note to those using the ip_masq_irc module. > *** {01.31.023} Linux - Linux kernel IRC/DCC masquerading helper > vulnerability > > A bug was found in the various IRC DCC/CTCP masquerading helper modules > shipped with the various Linux kernels. It's possible for a remote > attacker/Web site to open arbitrary ports on a masquerading Linux > firewall by "spoofing" the DCC/CTCP connect commands. This results > in the IRC helper module processing the commands and opening ports > in an effort to allow the incoming DCC/CTCP session. > > This vulnerability has been confirmed. A patch is available at: > http://archives.neohapsis.com/archives/bugtraq/2001-07/0750.html > > Source: SecurityFocus Bugtraq > http://archives.neohapsis.com/archives/bugtraq/2001-07/0733.html > http://archives.neohapsis.com/archives/bugtraq/2001-07/0750.html raf _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
