TUCoPS :: Unix :: General :: fpf.htm


TUCoPS :: Unix :: General :: fpf.htm

Fpf module kernel panic 
Vulnerability
 fpf module
Affected
 fpf module
Description
 "XR Agent" found following. Fpf kernel module by |CyRaX| alters
 linux tcp/ip stack to emulate other OS'es against nmap/queso
 fingerprints using parser by FuSyS that reads nmap-os-fingerprints
 for os emulation choice.
 However, attempts to send fragmented packets to local or remote
 machine with nmap (-sS -f, -sN -f, -sX -f, -sF -f, -sA -f) or
 hping (hping -f) using host with loaded fpf.o lead to kernel
 panic ("Aiee, killing interrupt handle. Kernel panic: Attempted
 to k ill the idle task ! In interrupt handler - not syncing.") if
 run from console or force immediate reboot if the packet sending
 tool is run from an xterm.
 When fpf.o - running machine recieves nmap / hping fragmented
 packets from remote hosts system freezes.
 Tested on Slackware 7.1 kernel 2.2.16 (i386).
Solution
 Nothing yet.

AltStyle によって変換されたページ (->オリジナル) /

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH