Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Unix :: General :: fpf.htm

Fpf module kernel panic



Vulnerability

    fpf module

Affected

    fpf module

Description

    "XR Agent" found following.   Fpf kernel module by |CyRaX|  alters
    linux  tcp/ip  stack  to  emulate  other  OS'es against nmap/queso
    fingerprints using parser by FuSyS that reads nmap-os-fingerprints
    for os emulation choice.

    However, attempts to  send fragmented packets  to local or  remote
    machine with  nmap (-sS  -f, -sN  -f, -sX  -f, -sF  -f, -sA -f) or
    hping  (hping  -f)  using  host  with  loaded fpf.o lead to kernel
    panic ("Aiee,  killing interrupt  handle. Kernel  panic: Attempted
    to k ill the idle task ! In interrupt handler - not syncing.")  if
    run from console or force  immediate reboot if the packet  sending
    tool is run from an xterm.

    When  fpf.o  -  running  machine  recieves nmap / hping fragmented
    packets from remote hosts system freezes.

    Tested on Slackware 7.1 kernel 2.2.16 (i386).

Solution

    Nothing yet.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH