Gentoo Archives: gentoo-security

From: Chris McCracken <chrismc@×××××××××××××.net>
To: gentoo-security@l.g.o
Subject: Re: [gentoo-security] TCP vulnerability
Date: Tue, 20 Apr 2004 20:21:30
Message-Id: 4085862E.4010009@ozarkmountain.net
In Reply to: Re: [gentoo-security] TCP vulnerability by vorlon
1 It looks like the CERT Advisory is mainly focused on BGP. I must admit
2 I'm not all that well versed on TCP/IP internals anymore. Is this
3 mainly a transport provider problem (those running BGP), or does it
4 affect end systems as well? Obviously this is a major issue, and it
5 will be interesting to see how it pans out in the next few days. The
6 recommendations from CERT don't look to be simple "patch" solutions to
7 the problem. Thoughts?
8
9 ~Chris
10
11 vorlon wrote:
12
13 > Hi,
14 >
15 > On 20.04.2004 21:47, Gard Spreemann wrote:
16 >
17 > > What's the status on this? Anybody heard anything much? The UK govt.
18 > site
19 > > seems to be slashdotted, so I'll have to use the Slashdot story:
20 > >
21 > http://slashdot.org/article.pl?sid=04/04/20/1738217&mode=thread&tid=126&tid=128&tid=172&tid=95
22 >
23 >
24 > US-CERT just published this:
25 > <http://www.us-cert.gov/cas/techalerts/TA04-111A.html>
26 > ("Technical Cyber Security Alert TA04-111A - Vulnerabilities in TCP")
27 >
28 > which has a few more links too.
29 >
30 > Matthias
31 >
32 >
33 >
34 > --
35 > gentoo-security@g.o mailing list
36 >
37
38
39 --
40 gentoo-security@g.o mailing list

Replies

Subject Author
Re: [gentoo-security] TCP vulnerability Devon <devon@×××××.org>