full-disclosure-uk January 2009 archive
Main Archive Page > Month Archives  > full-disclosure-uk archives
full-disclosure-uk: Re: [Full-disclosure] Solaris IPv6 DoS vulne

Re: [Full-disclosure] Solaris IPv6 DoS vulnerabilities (was: Solaris Devs Are Smoking Pot)

From: Michael Simpson <mikie.simpson_at_nospam>
Date: Fri Jan 30 2009 - 14:06:36 GMT
To: full-disclosure@lists.grok.org.uk


On 1/30/09, GomoR <fd@gomor.org> wrote:
>
> This vulnerability only exists when setting next header to 0x3c
> or does it work with other values ?
>
> My guess is that we have a more general issue here.
>
> --
> ^ ___ ___ http://www.GomoR.org/ <-+
> | / __ |__/ Research Engineer |
> | \__/ | \ ---[ zsh$ alias psed='perl -pe ' ]--- |
> +--> Net::Frame <=> http://search.cpan.org/~gomor/ <---+
>

Sun Alert 251006 has been published here for this issue:

<http://sunsolve.sun.com/search/document.do?assetkey=1-26-251006-1>

This corresponds to Sun bugID 6797796 has been addressed in build 108 of OpenSolaris / Indiana:

<http://hg.genunix.org/onnv-gate.hg/rev/21644558c539>

mike



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/