mirror of
https://git.savannah.gnu.org/git/inetutils.git
synced 2026-01-12 00:19:39 +08:00
e113aaee8f
* libinetutils/Makefile.am (libinetutils_a_SOURCES): Order source names. * libinetutils/libinetutils.h (iu_argp_init): New macro. * ftp/main.c, ftpd/ftpd.c, hostname/hostname.c, inetd/inetd.c, logger/logger.c, ping/ping.c, ping/ping6.c, rcp/rcp.c, rexecd/rexecd.c, rlogin/rlogin.c, rlogind/rlogind.c, rsh/rsh.c, rshd/rshd.c, syslogd/syslogd.c, talk/talk.c, talkd/talkd.c, telnet/main.c, telnetd/telnetd.c, tftpd/tftpd.c, traceroute/traceroute.c, uucpd/uucpd.c: Use iu_argp_init. Rewrite option descriptions to conform to standards.texi. * ifconfig/Makefile.am (INCLUDES): Add libinetutils * ifconfig/changeif.c: Use error() for diagnostics. * ifconfig/printif.c: Likewise. * ifconfig/ifconfig.c: Likewise. (main): Call parse_cmdline. * ifconfig/ifconfig.h: Include error.h, argp.h and libinetutils.h. * ifconfig/options.c: Use argp. "check-existence": fix typo (was *check-existance). (usage): Remove. Use error() for diagnostics. * ifconfig/options.h (parse_opt): Rename to parse_cmdline. * ifconfig/system.h (system_argp_child): New extern. (system_help_options, SYSTEM_SHORT_OPTIONS) (SYSTEM_LONG_OPTIONS): Remove. * ifconfig/system/generic.c: Use new command line parsing method. * ifconfig/system/hpux.c: Likewise. * ifconfig/system/linux.c: Likewise. * ifconfig/system/linux.h: Likewise. * ifconfig/system/osf.c: Likewise. * ifconfig/system/qnx.c: Likewise. * ifconfig/system/solaris.c: Likewise. * gwhois/Makefile.am (INCLUDES): Add libinetutils. * gwhois/whois.c: Use argp to parse the command line. (is_ripe_server): New function. (queryformat): Use is_ripe_server to determine if the server supports RIPE syntax.
CERT* Advisory CA-96.26 Original issue date: December 18, 1996 Last Revised: December 5, 1997 Updated information for NCR Corporation. A complete revision history is at the end of this file. Description The TCP/IP specification (the basis for many protocols used on the Internet) allows for a maximum packet size of up to 65536 octets (1 octet = 8 bits of data), containing a minimum of 20 octets of IP header information and 0 or more octets of optional information, with the rest of the packet being data. It is known that some systems will react in an unpredictable fashion when receiving oversized IP packets. Reports indicate a range of reactions including crashing, freezing, and rebooting. In particular, the reports received by the CERT Coordination Center indicate that Internet Control Message Protocol (ICMP) packets issued via the "ping" command have been used to trigger this behavior. ICMP is a subset of the TCP/IP suite of protocols that transmits error and control messages between systems. Two specific instances of the ICMP are the ICMP ECHO_REQUEST and ICMP ECHO_RESPONSE datagrams. These two instances can be used by a local host to determine whether a remote system is reachable via the network; this is commonly achieved using the "ping" command. Discussion in public forums has centered around the use of the "ping" command to construct oversized ICMP datagrams (which are encapsulated within an IP packet). Many ping implementations by default send ICMP datagrams consisting only of the 8 octets of ICMP header information but allow the user to specify a larger packet size if desired. You can read more information about this vulnerability on Mike Bremford's Web page. (Note that this is not a CERT/CC maintained page. We provide the URL here for your convenience.)