Full Disclosure mailing list archives
Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
From: Chris L <inchcombec () gmail com>
Date: Fri, 11 Nov 2011 17:34:36 -0800
Wow, good eye. I can't remember UDP having an ACK packet type, being a stateless protocol and all, either. I actually looked back through this thread of emails and it is actually mentioned many times, the idea of the exploit involving certain SQN or ACK packets, although only by "xD 0x41" as far as I can see. I'm not sure about anyone else, but I at least, take "xD 0x41"s posts with a spoonful of salt since there is no corroborating information and the descriptions are vague, contradictory, incomprehensible or some combination thereof. Anyway, I'm not an expert, that is just my personal observation. I'm just a comp sci student that joined this list a couple months ago to try to learn some more about real world computer security. (As opposed to just lab-environment, controlled, with expected results, computer security.) I'm interested in this alleged bug, and if there are any other descriptions of it that are more *clear* about the actual effect or impact, I'd appreciate a link. While I'm at it, since I've mentioned I'm a student and learning, any other helpful links to learn from are also appreciated. :) On Fri, Nov 11, 2011 at 3:31 PM, Ian Hayes <cthulhucalling () gmail com> wrote:
On Fri, Nov 11, 2011 at 3:13 PM, xD 0x41 <secn3t () gmail com> wroteanyhow... it doesnty take, 49days, atall.. and, yes, indeed, will be one good packet, if the packet , has the right SQN + Ack number.^^^^^^^^^^^^^^^^^^^^^^^^^^ We are discussing UDP, as per the MS advisory, yes? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516), (continued)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Antony widmal (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Dan Ballance (Nov 13)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Mario Vilas (Nov 12)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Darren Martyn (Nov 12)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) dave bl (Nov 13)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Dan Tulovsky (Nov 13)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Antony widmal (Nov 13)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Valdis . Kletnieks (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) xD 0x41 (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Ian Hayes (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Chris L (Nov 13)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Dan Ballance (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) xD 0x41 (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) xD 0x41 (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Mario Vilas (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Gary Baribault (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) xD 0x41 (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Michal Zalewski (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) xD 0x41 (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Antony widmal (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Sergito (Nov 11)