[lwip-devel] [bug #24596] Vulnerability on faulty TCP options length

lwip-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] [bug #24596] Vulnerability on faulty TCP options length

From:	Fabian Koch
Subject:	[lwip-devel] [bug #24596] Vulnerability on faulty TCP options length
Date:	Mon, 20 Oct 2008 07:46:29 +0000
User-agent:	Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3

Follow-up Comment #2, bug #24596 (project lwip):

I still think it is best practice to drop packets that do not conform to RFC
793.
On the other hand it is a good idea (especially in our scenario) to just
ignore the wrong parts and accept the rest of the packet to increase the
robustness.

    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?24596>

_______________________________________________
  Nachricht geschickt von/durch Savannah
  http://savannah.nongnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[lwip-devel] [bug #24596] Vulnerability on faulty TCP options length, Simon Goldschmidt, 2008/10/17
- [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length, Simon Goldschmidt, 2008/10/18
  - [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length, Fabian Koch <=
    - [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length, Simon Goldschmidt, 2008/10/20

Prev by Date: [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length
Next by Date: [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length
Previous by thread: [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length
Next by thread: [lwip-devel] [bug #24596] Vulnerability on faulty TCP options length
Index(es):
- Date
- Thread