Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Loopback and multi-homed routing flaw in TCP/IP stack.

From: bert hubert <ahu () DS9A NL>
Date: Tue, 6 Mar 2001 23:01:40 +0100
On Tue, Mar 06, 2001 at 01:34:18PM +0300, 3APA3A wrote:


Windows  NT  behaves  same way - it will accept connection to internal
address through external interface even if routing is not enabled (I'm
not  sure  about  loopback). Then configuring Cisco routers it's quite


One thing that hasn't been clearly stated, although it's obvious to experts:
this vulnerability is only available for people who are already on your
subnet.

So it IS a 'remote vulnerability' but only for people who are on your
subnet. So if you have a DMZ with no untrusted computers on the subnet, this
will not harm you.

I still feel that this is a pretty stupid oversight - if routing is switched
off as it SHOULD or even MUST be on a host, this is not supposed to happen.

Regards,

bert

--
http://www.PowerDNS.com      Versatile DNS Services
Trilab                       The Technology People
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
Previous By Date Next
Previous By Thread Next

Current thread: