[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: NetBSD Security Advisory 2008-010: Malicious PPPoE discovery packet can overrun a kernel buffer
NetBSD Security-Officer <security-officer%netbsd.org@localhost> writes:
> Solutions and Workarounds
> The pseudo-device pppoe is present in GENERIC kernels. The system must
> be configured with a pppoe(4) instance.
> For all NetBSD versions, you need to obtain fixed kernel sources,
> rebuild and install the new kernel, and reboot the system.
This text is ambiguous -- a naive reader might not understand that if
there are no pppoe instances the kernel cannot be attacked.
Perry E. Metzger perry%piermont.com@localhost
Main Index |
Thread Index |