Bug 19470 - ping buffer problems: netkit-base shares iputils code base
Summary: ping buffer problems: netkit-base shares iputils code base
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: netkit-base   
(Show other bugs)
Version: 6.0
Hardware: i386
OS: Linux
high
medium
Target Milestone: ---
Assignee: Jeff Johnson
QA Contact:
URL:
Whiteboard:
Keywords: Security
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2000-10-20 17:07 UTC by Pekka Savola
Modified: 2008-05-01 15:37 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-10-21 15:30:56 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description Pekka Savola 2000-10-20 17:07:12 UTC
A. Kuznetsov's iputils is based on netkit-base.  A quick glance at netkit-base source
would seem to indicate that static buffer problems (and naturally root dropping) are
still there in netkit-base.

Perhaps there should be an errata release which would tell people to move to inetd + iputils?

IF this is done, this would be a good place to fix the close-wait DoS issue if daytime server
is being used (#16729) -- a patch is available.

Comment 1 Chris Evans 2000-10-21 15:30:54 UTC
Hmm - I believe RedHat6.0 shipped with a patch closing the static buffer
overflow issue.
It is called "ping-overflow.patch".

In summary: I think RH6.0 ping is safe as shipped.


Note You need to log in before you can comment on or make changes to this bug.