Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 22 Jul 2001 15:57:56 -0700 (PDT)
From:      Matt Dillon <dillon@earth.backplane.com>
To:        Hajimu UMEMOTO <ume@mahoroba.org>
Cc:        aschneid@mail.slc.edu, dillon@earth.backplane.com, brian@Awfulhak.org, ras@e-gerbil.net, roam@orbitel.bg, freebsd-security@FreeBSD.ORG, freebsd-gnats-submit@FreeBSD.ORG
Subject:   Re: bin/22595: telnetd tricked into using arbitrary peer ip
Message-ID:  <200107222257.f6MMvuE12313@earth.backplane.com>
References:  <20010723.053051.88524825.ume@mahoroba.org> <200107222117.f6MLHwr11669@earth.backplane.com> <20010722172232.A94306@mail.slc.edu> <20010723.063458.35714423.ume@mahoroba.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

:>>>>> On Sun, 22 Jul 2001 17:22:32 -0400
:>>>>> Anthony Schneider <aschneid@mail.slc.edu> said:
:
:aschneid> 16 bytes.
:
:It's a binary form.  We need 40 bytes for global address.  To save
:site-local or link-local address, we need more space for scope
:identifier.  I believe the length of scope identifier is not defined
:and system specific.
:
:global address:
:
:	1234567890123456789012345678901234567890
:	NNNN:NNNN:NNNN:NNNN:NNNN:NNNN:NNNN:NNNN\n
:
:scoped address:
:
:	1234567890123456789012345678901234567890
:	NNNN:NNNN:NNNN:NNNN:NNNN:NNNN:NNNN:NNNN%fxp0\n
:
:There is one more consideration.  `:' is conflict with X.  I have no
:particular idea to solve this problem.  Enclosing IPv6 address with
:`[' and `]' doesn't help without changing X side.
:
:--
:Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
:ume@mahoroba.org  ume@bisd.hitachi.co.jp  ume@{,jp.}FreeBSD.org
:http://www.imasy.org/~ume/

    Ok, it sounds like 56 bytes ought to be sufficient.  This will
    increase the lastlog structure from 28 bytes to 68 bytes
    and the utmp/wtmp structure from 44 bytes to 84 bytes.  A
    buildworld would be necessary to deal with the change and
    certrain ports, such as ftpd, would have to be rebuilt
    (for those people using them) to avoid corruption.  utmp
    is one of the few structures in the system which is 
    written out 'manually' by various programs, which is why
.   changing the size of the structure is so nasty.

    The issue with X is a separate problem.

					-Matt

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200107222257.f6MMvuE12313>