severity 353064 normal thanks On Wed, Feb 15, 2006 at 11:46:45PM +0100, Moritz Muehlenhoff wrote: > Package: honeyd > Severity: important > Tags: security > > Quoting from http://www.honeyd.org/adv.2006-01: > | A bug in the IP reassembly codes causes Honeyd to reply to illegal > | fragments that other implementations would silently drop. Watching > | for replies, it is possible to detect IP addresses simulated by > | Honeyd. > > There's no CVE yet. Stable is affected according to upstream.
Yes, I'm aware of this issue. It is, however an information leak issue, hardly an 'important' bug and I don't believe a DSA should be issued for this issue. Even if it's a honeypot software, being able to detect it by some (obscure) means does not reduce it usefulness and does not compromise the honeypot system in any way. Regards Javier
signature.asc
Description: Digital signature
