[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[VOTE] MOREVOTES-1999-A: Candidates from 1999 needing 1 more vote
Each of the following 23 candidates needs just one more ACCEPT vote.
If you can help out, it is appreciated.
There are 4 other messages similar to this one, with different
candidates. Feel free to pick one at random if you don't have the
time to vote on them all.
It is strongly preferred that you get your votes in by October 9.
Thanks,
- Steve
Summary of votes to use (in ascending order of "severity")
----------------------------------------------------------
ACCEPT - voter accepts the candidate as proposed
NOOP - voter has no opinion on the candidate
MODIFY - voter wants to change some MINOR detail (e.g. reference/description)
REVIEWING - voter is reviewing/researching the candidate, or needs more info
RECAST - candidate must be significantly modified, e.g. split or merged
REJECT - candidate is "not a vulnerability", or a duplicate, etc.
1) Please write your vote on the line that starts with "VOTE: ". If
you want to add comments or details, add them to lines after the
VOTE: line.
2) If you see any missing references, please mention them so that they
can be included. References help greatly during mapping.
3) Note that a "MODIFY" is treated as an "ACCEPT" when counting votes.
So if you don't have sufficient information for a candidate but you
don't want to NOOP, use a REVIEWING.
********** NOTE ********** NOTE ********** NOTE ********** NOTE **********
Please keep in mind that your vote and comments will be recorded and
publicly viewable in the mailing list archives or in other formats.
KEY FOR INFERRED ACTIONS
------------------------
Inferred actions capture the voting status of a candidate. They may
be used by the Editor to determine whether or not a candidate is added
to CVE. Where there is disagreement, the Editor must resolve the
issue and achieve consensus, or make the final decision if consensus
cannot be reached.
- ACCEPT = 3 non-MITRE votes to ACCEPT/MODIFY, and no REVIEWING or REJECT
- ACCEPT_ACK = 2 non-MITRE ACCEPT/MODIFY, and vendor acknowledgement
- MOREVOTES = needs more votes
- ACCEPT_REV = 3 non-MITRE ACCEPT's but is delayed due to a REVIEWING
- SMC_REJECT = REJECT by Steve Christey; likely to be rejected outright
- SMC_REVIEW = REVIEWING by Steve Christey; likely related to CD's
- REVIEWING = at least one member is REVIEWING
- REJECT = at least one member REJECTed
- REVOTE = members should review their vote on this candidate
======================================================
Candidate: CAN-1999-0114
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0114
Final-Decision:
Interim-Decision:
Modified: 20000106-01
Proposed: 19990714
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:19990912 elm filter program
Reference: BUGTRAQ:19951226 filter (elm package) security hole
Reference: XF:elm-filter2
Local users can execute commands as other users, and read other users'
files, through the filter command in the Elm elm-2.4 mail package
using a symlink attack.
Modifications:
ADDREF XF:elm-filter2
ADDREF BUGTRAQ:19951226 filter (elm package) security hole
ADDREF BUGTRAQ:19990912 elm filter program
INFERRED ACTION: CAN-1999-0114 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(1) Shostack
MODIFY(1) Frech
NOOP(2) Wall, Northcutt
Comments:
Frech> XF:elm-filter2
VOTE:
======================================================
Candidate: CAN-1999-0193
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0193
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990714
Assigned: 19990607
Category: SF
Denial of service in Ascend and 3com routers, which can be rebooted by
sending a zero length TCP option.
INFERRED ACTION: CAN-1999-0193 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(2) Shostack, Northcutt
NOOP(1) Frech
Comments:
Frech> possibly XF:ascend-kill
I can't find a reference that lists both routers in the same reference.
CHANGE> [Frech changed vote from REVIEWING to NOOP]
Frech> Cannot reconcile to our database without further references.
VOTE:
======================================================
Candidate: CAN-1999-0213
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0213
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990630
Assigned: 19990607
Category: SF
libnsl in Solaris allowed an attacker to perform a denial of service
of rpcbind.
INFERRED ACTION: CAN-1999-0213 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(1) Hill
MODIFY(1) Frech
NOOP(1) Meunier
Comments:
Frech> XF:sun-libnsl
VOTE:
======================================================
Candidate: CAN-1999-0248
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0248
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990728
Assigned: 19990607
Category: SF
sshd 1.2.17 can be compromised through the SSH protocol.
INFERRED ACTION: CAN-1999-0248 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(1) Northcutt
MODIFY(1) Shostack
NOOP(1) Frech
Comments:
Shostack> http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html
looks to me to be about the correct message that came from Tatu.
There are comments in changelog: * Improved the security of
auth_input_request_forwarding().
I'm not in favor of moving this forward without additional detail, but
thought I'd add a confirming URL and comment. We have insufficient
detail to accept it as a CVE.
Frech> Try http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1; to wit
(see asterisked section):
...
*****
Versions of ssh prior to 1.2.17 had problems with authentication agent
handling on some machines. There is a chance (a race condition) that a
malicious user could steal another user's credentials. This should be fixed
in 1.2.17.
*****
VOTE:
======================================================
Candidate: CAN-1999-0253
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0253
Final-Decision:
Interim-Decision:
Modified: 2000106-01
Proposed: 19990623
Assigned: 19990607
Category: SF
Reference: XF:http-iis-2e
Reference: L0PHT:19970319
IIS 3.0 with the iis-fix hotfix installed allows remote intruders to
read source code for ASP programs by using a %2e instead of a . (dot)
in the URL.
INFERRED ACTION: CAN-1999-0253 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(2) Frech, Northcutt
NOOP(2) Prosser, Christey
Comments:
Christey> This is a problem that was introduced after patching a
previous dot bug with the iis-fix hotfix (see CAN-1999-0154).
Since the hotfix introduced the problem, this should be
treated as a seaprate issue.
VOTE:
======================================================
Candidate: CAN-1999-0283
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0283
Final-Decision:
Interim-Decision:
Modified: 19991203-01
Proposed: 19990623
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:19970716 Viewable .jhtml source with JavaWebServer
The Java Web Server would allow remote users to obtain the source
code for CGI programs.
Modifications:
ADDREF BUGTRAQ:19970716 Viewable .jhtml source with JavaWebServer
DESC Augment the description to include .jhtml
INFERRED ACTION: CAN-1999-0283 MOREVOTES-1 (2 accept, 0 ack, 1 review)
Current Votes:
ACCEPT(2) Blake, Northcutt
NOOP(1) Prosser
REVIEWING(1) Frech
VOTE:
======================================================
Candidate: CAN-1999-0286
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0286
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990714
Assigned: 19990607
Category: SF
In some NT web servers, appending a space at the end of a URL may
allow attackers to read source code for active pages.
INFERRED ACTION: CAN-1999-0286 MOREVOTES-1 (2 accept, 0 ack, 1 review)
Current Votes:
ACCEPT(1) Shostack
MODIFY(1) Wall
NOOP(2) Christey, Northcutt
REVIEWING(1) Frech
Comments:
Wall> In some NT web servers, appending a dot at the end of a URL may
allows attackers to read source code for active pages.
Source: MS Knowledge Base Article Q163485 - "Active Server Pages Script Appears
in Browser"
Frech> In the meantime, reword description as 'Windows NT' (trademark issue)
Christey> Q163485 does not refer to a space, it refers to a dot.
However, I don't have other references.
Reading source code with a dot appended is in CAN-1999-0154,
which will be proposed. A subsequent bug similar to the
dot bug is CAN-1999-0253.
VOTE:
======================================================
Candidate: CAN-1999-0345
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0345
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990728
Assigned: 19990607
Category: SF
Jolt ICMP attack causes a denial of service in Windows 95 and Windows
NT systems.
INFERRED ACTION: CAN-1999-0345 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
MODIFY(2) Frech, Wall
NOOP(2) Northcutt, Christey
Comments:
Wall> Invalid ICMP datagram fragments causes a denial of service in Windows 95 and
Windows NT systems.
Reference: Q154174.
Jolt is also known as sPING, ICMP bug, Icenewk, and Ping of Death.
It is a modified teardrop 2 attack.
Frech> XF:nt-ssping
ADDREF XF:ping-death
ADDREF XF:teardrop-mod
ADDREF XF:mpeix-echo-request-dos
Christey> I can't tell whether the Jolt exploit at:
http://www.securityfocus.com/templates/archive.pike?list=1&date=1997-06-28&msg=Pine.BSF.3.95q.970629163422.3264A-200000@apollo.tomco.net
is exploiting any different flaw than teardrop does.
VOTE:
======================================================
Candidate: CAN-1999-0360
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0360
Final-Decision:
Interim-Decision:
Modified: 20000530-01
Proposed: 19990623
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:19990130 Security Advisory for Internet Information Server 4 with Site
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91763097004101&w=2
Reference: NTBUGTRAQ:Jan29,1999
MS Site Server 2.0 with IIS 4 can allow users to upload content,
including ASP, to the target web site, thus allowing them to
execute commands remotely.
Modifications:
CHANGEREF BUGTRAQ [canonicalize]
INFERRED ACTION: CAN-1999-0360 MOREVOTES-1 (2 accept, 0 ack, 1 review)
Current Votes:
ACCEPT(2) Northcutt, Wall
NOOP(2) Prosser, Christey
REVIEWING(1) Frech
Comments:
Christey> I can't find the original Bugtraq posting (it appears that
mnemonix discovered the problem).
VOTE:
======================================================
Candidate: CAN-1999-0380
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0380
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990726
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:19990225 ALERT: SLMail 3.2 (and 3.1) with the Remote Administration Service
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=91996412724720&w=2
Reference: BID:497
Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=497
SLMail 3.2 or 3.1 allows local users to access any file in the
NTFS file system when the Remote Administration Service (RAS) is
enabled.
INFERRED ACTION: CAN-1999-0380 MOREVOTES-1 (2 accept, 0 ack, 1 review)
Current Votes:
ACCEPT(2) Ozancin, Wall
REVIEWING(1) Frech
VOTE:
======================================================
Candidate: CAN-1999-0381
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0381
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990726
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:19990225 SUPER buffer overflow
Reference: URL:http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.3.96.990225011801.12757A-100000@eleet
Reference: XF:linux-super-logging-bo
Reference: BID:342
Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=342
super 3.11.6 and other versions have a buffer overflow in the syslog
utility which allows a local user to gain root access.
Modifications:
DELREF SEKURE [obsolete]
CHANGEREF BUGTRAQ [canonicalize]
INFERRED ACTION: CAN-1999-0381 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(2) Ozancin, Frech
NOOP(2) Christey, Wall
Comments:
Christey> Is this the same as CVE-1999-0373? They both have the same
X-Force reference.
BID:342 suggests that there are two.
http://www.debian.org/security/1999/19990215a suggests
that there are two. However, CVE-1999-0373 is written up in
a fashion that is too general; and both XF:linux-super-bo and
XF:linux-super-logging-bo refer to CVE-1999-0373.
CVE-1999-0373 may need to be split.
Frech> From what I can surmise, ISS released the original advisory (attached to
linux-super-bo), and Sekure SDI expanded on it by releasing another related
overflow in syslog (which is linux-super-logging-bo).
When I was originally assigning these issues, I placed both XF references
and the ISS advisory on the -0373 candidate, since there was nothing else
available. Based on the information above, I'd request that
XF:linux-super-logging-bo be removed from CVE-1999-0373.
Christey> Given Andre's feedback, these are different issues.
CVE-1999-0373 does not need to be split because the ISS
reference is sufficient to distinguish that CVE from this
candidate; however, the CVE-1999-0373 description should
probably be modified slightly.
VOTE:
======================================================
Candidate: CAN-1999-0393
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0393
Final-Decision:
Interim-Decision:
Modified: 20000106-01
Proposed: 19990728
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:19981212 ** Sendmail 8.9.2 DoS - exploit ** get what you want!
Reference: XF:sendmail-parsing-redirection
Remote attackers can cause a denial of service in Sendmail 8.8.x and
8.9.2 by sending messages with a large number of headers.
Modifications:
ADDREF XF:sendmail-parsing-redirection
CHANGEREF BUGTRAQ [change date to 19981212]
ADDREF BUGTRAQ:19990121 Sendmail 8.8.x/8.9.x bugware
INFERRED ACTION: CAN-1999-0393 MOREVOTES-1 (1 accept, 1 ack, 0 review)
Current Votes:
MODIFY(1) Frech
NOOP(1) Christey
Comments:
Frech> I assume that Reference: BUGTRAQ:Dec12,1999 is not attesting to the power of
CVE to foresee events in the future. This reference should be 12/12/98.
ADDREF XF:sendmail-parsing-redirection
Christey>
This issue is acknowledged in BUGTRAQ:19990121 Sendmail 8.8.x/8.9.x bugware
URL: http://marc.theaimsgroup.com/?l=bugtraq&m=91694391227372&w=2
VOTE:
======================================================
Candidate: CAN-1999-0429
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0429
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990726
Assigned: 19990607
Category: CF
Reference: BUGTRAQ:Mar23,1999
Reference: XF:lotus-client-encryption
The Lotus Notes 4.5 client may send a copy of encrypted mail in the
clear across the network if the user does not set the "Encrypt Saved
Mail" preference.
INFERRED ACTION: CAN-1999-0429 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(2) Ozancin, Frech
NOOP(1) Wall
VOTE:
======================================================
Candidate: CAN-1999-0440
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0440
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990726
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:Apr4,1999
Reference: XF:java-unverified-code
The byte code verifier component of the Java Virtual Machine (JVM)
allows remote execution through malicious web pages.
INFERRED ACTION: CAN-1999-0440 MOREVOTES-1 (2 accept, 0 ack, 1 review)
Current Votes:
ACCEPT(2) Ozancin, Frech
REVIEWING(1) Wall
VOTE:
======================================================
Candidate: CAN-1999-0492
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0492
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990726
Assigned: 19990607
Category: SF
Reference: BUGTRAQ:Apr23,1999
The ffingerd 1.19 allows remote attackers to identify users on the
target system based on its responses.
INFERRED ACTION: CAN-1999-0492 MOREVOTES-1 (2 accept, 0 ack, 1 review)
Current Votes:
ACCEPT(1) Northcutt
MODIFY(1) Shostack
REVIEWING(1) Frech
Comments:
Shostack> isn't that what finger is supposed to do?
VOTE:
======================================================
Candidate: CAN-1999-0495
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0495
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19990728
Assigned: 19990607
Category: SF
A remote attacker can gain access to a file system using .. (dot dot)
when accessing SMB shares.
INFERRED ACTION: CAN-1999-0495 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(1) Northcutt
MODIFY(1) Frech
Comments:
Frech> XF:nb-dotdotknown(837)
References would be appreciated. We've got no reference for this issue;
confidence rating is consequently low.
VOTE:
======================================================
Candidate: CAN-1999-0671
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0671
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BID:572
Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=572
Buffer overflow in ToxSoft NextFTP client through CWD command.
INFERRED ACTION: CAN-1999-0671 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
MODIFY(2) Frech, Stracener
Comments:
Stracener> AddRef: ShadowPenguinSecurity:PenguinToolbox,No.035
Frech> XF:toxsoft-nextftp-cwd-bo
VOTE:
======================================================
Candidate: CAN-1999-0672
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0672
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BID:573
Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=573
Buffer overflow in Fujitsu Chocoa IRC client via IRC channel topics.
INFERRED ACTION: CAN-1999-0672 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
MODIFY(2) Frech, Stracener
Comments:
Stracener> AddRef: ShadowPenguinSecurity:PenguinToolbox,No.036
Frech> XF:fujitsu-topic-bo
VOTE:
======================================================
Candidate: CAN-1999-0673
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0673
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BID:574
Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=574
Buffer overflow in ALMail32 POP3 client via From: or To: headers.
INFERRED ACTION: CAN-1999-0673 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
MODIFY(2) Frech, Stracener
Comments:
Stracener> AddRef: ShadowPenguinSecurity:PenguinToolbox,No.037
Frech> XF:almail-bo
VOTE:
======================================================
Candidate: CAN-1999-0675
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0675
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BID:576
Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=576
Firewall-1 can be subjected to a denial of service via UDP packets
that are sent through VPN-1 to port 0 of a host.
INFERRED ACTION: CAN-1999-0675 MOREVOTES-1 (2 accept, 0 ack, 1 review)
Current Votes:
MODIFY(2) Frech, Cole
NOOP(1) Christey
REVIEWING(1) Stracener
Comments:
Cole> This only occurs when the VPN being used for the transport of the packet
supports ISAKMP encryption.
Frech> XF:checkpoint-port
Modify description to read "Check Point Firewall-1 ..."
Christey> http://www.securityfocus.com/templates/archive.pike?list=1&msg=Pine.LNX.4.10.9908051851320.8871-100000@area51
VOTE:
======================================================
Candidate: CAN-1999-0679
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0679
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BUGTRAQ:19990813 w00w00's efnet ircd advisory (exploit included)
Reference: BID:581
Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=581
Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows
remote attackers to execute commands via m_invite invite option.
INFERRED ACTION: CAN-1999-0679 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(1) Stracener
MODIFY(1) Frech
Comments:
Frech> XF:hybrid-ircd-minvite-bo
VOTE:
======================================================
Candidate: CAN-1999-0697
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0697
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Reference: BUGTRAQ:19990908 SCO 5.0.5 /bin/doctor nightmare
Reference: BID:621
Reference: URL:http://www.securityfocus.com/vdb/bottom.html?vid=621
SCO Doctor allows local users to gain root privileges through a Tools
option.
INFERRED ACTION: CAN-1999-0697 MOREVOTES-1 (2 accept, 0 ack, 0 review)
Current Votes:
ACCEPT(1) Stracener
MODIFY(1) Frech
NOOP(1) Ozancin
Comments:
Frech> XF:sco-doctor-execute
VOTE:
======================================================
Candidate: CAN-1999-0698
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-1999-0698
Final-Decision:
Interim-Decision:
Modified:
Proposed: 19991222
Assigned: 19991125
Category: SF
Denial of service in IP protocol logger (ippl) on Red Hat and Debian
Linux.
INFERRED ACTION: CAN-1999-0698 MOREVOTES-1 (2 accept, 0 ack, 1 review)
Current Votes:
ACCEPT(1) Ozancin
MODIFY(1) Frech
NOOP(1) Christey
REVIEWING(1) Stracener
Comments:
Stracener> Is the candidate referring to the denial of service problem mentioned in
the
changelogs for versions previous to 1.4.3-1 or does it pertain to some
problem with or
1.4.8-1?
Frech> Depending on the version, this could be any number of DoSes
related to ippl.
From http://www.larve.net/ippl/:
9 April 1999: version 1.4.3 released, correctly fixing a
potential denial of service attack.
7 April 1999: version 1.4.2 released, fixing a potential
denial of service attack.
XF:linux-ippl-dos
Christey> Changelog: http://pltplp.net/ippl/docs/HISTORY
See comments for version 1.4.2 and 1.4.3
Another source: http://freshmeat.net/news/1999/04/08/923586598.html
VOTE: