Subject: Re: CA-98.13
To: None <Thilo.Manske@HEH.Uni-Oldenburg.DE>
From: Thorsten Frueauf <firstname.lastname@example.org>
Date: 12/29/1998 13:36:44
> No, CA-98-13 is *not* the teardrop/land attack as described in CA-97.28:
Ok, is there an exploit for this to test?
> Since most versions of both OpenBSD and FreeBSD were vulnerable to
> CA-98-13 I really doubt that NetBSD is not.
I had a look at
which where referenced in the CERT as solution for the exploit. And I
*think* this is already in
$NetBSD: ip_input.c,v 1.76 1998/12/19 02:46:12 thorpej Exp $
which is NetBSD-current and
$NetBSD: ip_input.c,v 184.108.40.206 1998/11/15 19:18:13 cgd Exp $
which is NetBSD-1.3.3.
But then I am no expert or guru, so someone with a better clue might
care to speak.
Name : Thorsten Frueauf Milano@irc cri@onaliM //
E-Mail: email@example.com oder firstname.lastname@example.org \X/