LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Eridani alert ERISA-2002:041 (pxe)



From:
    	      Eridani Star System <linux@eridani.co.uk>


To:
    	      eridani-announce@eridani.co.uk


Subject:
    	      [Eridani-Announce] ERISA-2002:041 - pxe


Date:
    	      Tue, 3 Sep 2002 11:28:28 +0100 (BST)



=========================================================================
		ERIDANI LINUX - SECURITY ANNOUNCEMENT
=========================================================================

Package:	pxe
Summary:	PXE server can be crashed by certain DHCP packets
Date:		2002-09-03
ID:		ERISA-2002:041

=========================================================================

Problem description:

  The PXE package contains the Preboot eXecution Environment server and
  code required for Linux to boot from a boot disc image on a Linux PXE
  server.

  Some Voice-over-IP (VoIP) phones were found to generate DCHP packets which
  would crash the PXE server.  This bug could be used to cause a remote
  denial of service attack by using malicious packets.

  PXE users are advised to upgrade to the new package which contains a
  build of PXE that is not vulnerable to this issue.

-------------------------------------------------------------------------
Updated packages:

  9fc20cdd3dd7269d8cddb7f6c2b41c58  pxe-0.1-32.src.rpm
  23bdaa9da015320dbe53e31bf7d770e0  pxe-0.1-32.i386.rpm

-------------------------------------------------------------------------
References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0835

=========================================================================

Packages available from ftp://ftp.eridani.co.uk/pub/Aeryn/
or by HTTP from http://ftp.eridani.co.uk/

Packages are signed with our GNU GPG key, also on our FTP site.

Users of releases of Eridani Linux prior to 6.3 are advised to download
the source RPM and rebuild for their system.

Copyright (C)2002 Eridani Star System

-- Michael "Soruk" McConnell                       http://www.eridani.co.uk
Eridani Linux  --  The Most Up-to-Date Red Hat-based Linux CDROMs Available
Email: linux@eridani.co.uk -- Also Debian, Slackware, Mandrake and more...

_______________________________________________
Eridani-Announce mailing list
To be removed from this list email linux@eridani.co.uk requesting removal.
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds