5845659 2000-12-11 08:50 -0500  /36 lines/ David F. Skoll <dfs@ROARINGPENGUIN.COM>
Sent by: joel@lysator.liu.se
Imported: 2000-12-11  21:43  by Brevbäraren (which is implemented in) Python
External recipient: BUGTRAQ@SECURITYFOCUS.COM
External replies to: dfs@ROARINGPENGUIN.COM
Recipient: Bugtraq (import) <14153>
Subject: DoS vulnerability in rp-pppoe versions <= 2.4
------------------------------------------------------------
From: "David F. Skoll" <dfs@ROARINGPENGUIN.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Message-ID: <Pine.LNX.4.30.0012110847080.3887-100000@shishi.roaringpenguin.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There is a denial-of-service vulnerability in rp-pppoe versions up to
2.4.  rp-pppoe is a user-space PPPoE client for a bunch of UNIXes and
Linux, used by many residential ADSL customers.

If you use the "Clamp MSS" option and someone crafts a TCP packet
with an (illegal) "zero-length" option, rp-pppoe will fall into an
endless loop.  Eventually, the PPP daemon should time out and kill
the connection.

Solution:  Upgrade to rp-pppoe 2.5 at
http://www.roaringpenguin.com/pppoe/.  If you cannot upgrade quickly,
do not use the "Clamp MSS" option until you can upgrade.

Thanks to Robert Schlabbach for reporting this vulnerability to me.

- --
David F. Skoll
Roaring Penguin Software Inc. | http://www.roaringpenguin.com
GPG fingerprint: 50B4 FA66 CE95 E456 CD8F  96C9 E64D 185C 6646 68E0
GPG public key:  http://www.roaringpenguin.com/dskoll-key.txt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: pgpenvelope 2.9.0 - http://pgpenvelope.sourceforge.net/

iD8DBQE6NNu15k0YXGZGaOARAlaeAKDTRgTIPoUstrVD//vYEd2oJj9CrgCfQfab
RYrUHNcfytaeNCg0Y3neWZQ=
=rjQt
-----END PGP SIGNATURE-----
(5845659) --------------------------------(Reformatted)
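
The failure mode the advisory describes, as an added example that is not part of the original message and is not rp-pppoe's code: a TCP option walker for MSS clamping that rejects a length byte below 2 instead of looping on it. The function name `clamp_mss`, the 1412-byte limit and the sample option bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define TCPOPT_EOL 0
#define TCPOPT_NOP 1
#define TCPOPT_MSS 2

/* Hypothetical helper: lower the MSS option in a TCP options area to max_mss.
 * Returns 1 if rewritten, 0 if left unchanged, -1 if the options are
 * malformed. After a rewrite the caller must recompute the TCP checksum. */
int clamp_mss(uint8_t *opts, size_t len, uint16_t max_mss)
{
    size_t i = 0;
    while (i < len) {
        uint8_t kind = opts[i];
        if (kind == TCPOPT_EOL)
            return 0;                   /* end of option list */
        if (kind == TCPOPT_NOP) {
            i++;                        /* one-byte padding option */
            continue;
        }
        if (i + 1 >= len)
            return -1;                  /* length byte is missing */
        uint8_t optlen = opts[i + 1];
        /* The length counts the kind and length bytes, so it is at least 2.
         * Without this check optlen == 0 never advances i: an endless loop. */
        if (optlen < 2 || optlen > len - i)
            return -1;
        if (kind == TCPOPT_MSS) {
            if (optlen != 4)
                return -1;              /* MSS option is always 4 bytes */
            uint16_t mss = (uint16_t)((opts[i + 2] << 8) | opts[i + 3]);
            if (mss <= max_mss)
                return 0;
            opts[i + 2] = (uint8_t)(max_mss >> 8);
            opts[i + 3] = (uint8_t)(max_mss & 0xff);
            return 1;
        }
        i += optlen;                    /* always moves forward by >= 2 */
    }
    return 0;
}

int main(void)
{
    /* Constructed option bytes, not captured traffic. */
    uint8_t ok[]  = {1, 1, 2, 4, 0x05, 0xb4};  /* NOP, NOP, MSS=1460 */
    uint8_t bad[] = {8, 0, 2, 4, 0x05, 0xb4};  /* option with length 0 */
    return !(clamp_mss(ok, sizeof ok, 1412) == 1 && clamp_mss(bad, sizeof bad, 1412) == -1);
}
```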