Subject: Re: CA-98.13
To: None <Thilo.Manske@HEH.Uni-Oldenburg.DE>
From: Thorsten Frueauf <email@example.com>
Date: 12/28/1998 11:46:11
Disclaimer: I am not in the position to speak official for TNF.
So take this from me as of the best of my personal
> URL: http://www.cert.org/advisories/CA-98-13-tcp-denial-of-service.html
What confused me is the date of this alert, as the exploit
(teardrop/land) is published long ago. So if the exploit mentioned in
above alert is the one published on e.g. rootshell.com at 14/15.11.1997
then NetBSD 1.3.x and current are not vulnerable. I did not try those
at 1.2.x, as at the time this exploit was available, none of my
machines run 1.2.x anymore.
> I would like to know, if I can safely upgrade our server's kernel to
> 1.3.3 now or better wait for a patch.
I would say, go ahead.
Name : Thorsten Frueauf Milano@irc cri@onaliM //
E-Mail: firstname.lastname@example.org oder email@example.com \X/