Date: Sun, 15 Oct 2000 09:23:31 +0200 From: Gerhard Sittig <Gerhard.Sittig@gmx.net> To: freebsd-security@freebsd.org Subject: Re: FreeBSD 4.x Bug with ICMP Error Messages (fwd) Message-ID: <20001015092331.W25237@speedy.gsinet> In-Reply-To: <200010142316.KAA05381@cairo.anu.edu.au>; from avalon@coombs.anu.edu.au on Sun, Oct 15, 2000 at 10:16:09AM %2B1100 References: <200010142316.KAA05381@cairo.anu.edu.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Oct 15, 2000 at 10:16 +1100, Darren Reed wrote:
> Forwarded message:
> > From: "Ofir Arkin" <ofir@itcon-ltd.com>
> > To: "Nmap-Hackers" <nmap-hackers@insecure.org>
> > Subject: FreeBSD 4.x Bug with ICMP Error Messages
> > Date: Sat, 14 Oct 2000 23:09:51 +0200
> > Message-ID: <GDEIJDIGIGIFHEIILCALCEIPCGAA.ofir@itcon-ltd.com>
> >
> > [ ... ]
> >
> > A udp datagram sent to a closed udp port (port 0, can be any
> > port). The original udp datagram used e655 hex as its IP
> > Identification field value. The echoed IP Header inside the
> > ICMP Error message states that this value was 55e6 (with the
> > offending datagram).
> >
> > FreeBSD 4.x simply flips between the first 8bits to the
> > second 8 bits.
There's something missing: which platform does it happen on? I
assume it's an i386 machine (or something else little endian).
This sounds very much like a missing hton() when setting up the
response.
virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76
Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net
--
If you don't understand or are scared by any of the above
ask your parents or an adult to help you.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001015092331.W25237>