Hi, as the attack is based on overflowing buf1[] through crafted len values taken from the packet header in BoGetDirection() and this function isn't present in 2.3 Debian doesn't seem to vulnerable.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
