Bugtraq mailing list archives
Re: NetBSD Security Advisory 1999-010
From: okir () MONAD SWB DE (Olaf Kirch)
Date: Fri, 21 May 1999 16:59:21 +0200
Talking of ARP, at least Linux has the problem that it blindly accepts whatever hardware address it finds in the ARP response -- be it the MAC broadcast address, or a multicast one. Not sure wheter other OSs are affected. I didn't find anything dangerous you can do with this, unless there's some really stupid IP stack that tries to forward IP packets that were sent to the MAC broadcast--that would indeed be network meltdown. But I haven't seen such a stack. I reported this to Alan a week or two ago, so I would assume that it has been fixed in the meanwhile :) Olaf -- Olaf Kirch | --- o --- Nous sommes du soleil we love when we play okir () monad swb de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
Current thread:
- Secure Storage of Secrets in Windows Aleph One (May 17)
- <Possible follow-ups>
- Re: Secure Storage of Secrets in Windows Nick FitzGerald (May 18)
- Re: Secure Storage of Secrets in Windows Bronek Kozicki (May 20)
- Re: Secure Storage of Secrets in Windows Olaf Titz (May 18)
- Buffer Overruns in RAS allows execution of arbitary code as system Mnemonix (May 19)
- Re: Secure Storage of Secrets in Windows Eivind Eklund (May 19)
- NetBSD Security Advisory 1999-010 matthew green (May 21)
- Re: NetBSD Security Advisory 1999-010 Olaf Kirch (May 21)