Re:Maybe I lack clue... (Score 1)

This is an "MTU Path Discovery" exploit. When one machine wants to talk to another machine it's best to know how big a packet each can send without it being fragmented (broken into smaller packets to cross any given link.) The MTU for ethernet is 1500 -- you can set it lower if you want, but larger is good way to crash your machine. Not all router links in the world can handle a 1500 byte packet without fragmentation. SO, at the beginning of a connection, the computers at the endpoints attempt to determine the largest packet they can send without fragmentation. This is done by setting the "DF" (do not fragment) bit in the IP header. They then "listen" for ICMP messages indicating the packet would have to have been fragmented to get there. The packet would then be retransmitted with less data in it. This packet is usually generated by a router somewhere in between. It would appear there is a way to "trick" MacOS 9 into sending out a 1500byte packet to "do an MTU discovery". Personally, this sounds like a cut-n-dry ("oops") bug... 1500 byte ICMP packets would likely be dropped by any number of routers (see RFC1122 and RFC1812 for the rules governing ICMP messaging) AND, the report doesn't say anything about which ICMP message was being generated (there are 15 types of ICMP messages defined under Solaris 2.6 -- 13 under linux)

.

Trollmastah
Take all good things in moderation, including moderation.