Bugtraq mailing list archives

Re: Linux Kernel Exploits / ABFrag

From: Cedric Blancher <blancher () cartel-securite fr>
Date: 17 Oct 2002 23:09:24 +0200

Le jeu 17/10/2002 à 22:55, huang po a écrit :

Even if it were true, it would be very much more harder to write so
that it would affect *different* OS's: the differences in the TCP
stacks are not that large, but significant for at least this purpose.


I completly agree this point.

For now, only concrete thing I saw about this rumor was kind of social
engineering stuff based on some "Bet you I can root your box through TCP
stack ?" challenge aimed to have target admin trace the attack using a
vulnerable tcpdump.

I can be wrong, but it seems to me quite difficult to have a kernel
exploit that works on both BSD and Linux, using the same
vulnerability...

-- 
Cédric Blancher  <blancher () cartel-securite fr>
IT systems and networks security expert  - Cartel Sécurité
Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99
PGP KeyID:157E98EE  FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE

Current thread:

Linux Kernel Exploits / ABFrag daniel . roberts (Oct 17)
- Re: Linux Kernel Exploits / ABFrag h2g . sec . list (Oct 17)
- Re: Linux Kernel Exploits / ABFrag dr john halewood (Oct 17)
- <Possible follow-ups>
- Re: Linux Kernel Exploits / ABFrag huang po (Oct 17)
  - Re: Linux Kernel Exploits / ABFrag Cedric Blancher (Oct 17)
- Re: Linux Kernel Exploits / ABFrag Muhammad Faisal Rauf Danka (Oct 19)