nanog mailing list archives
Re: 0day Windows Network Interception Configuration Vulnerability
From: Nick Hilliard <nick () foobar org>
Date: Mon, 04 Apr 2011 18:53:42 +0100
On 04/04/2011 16:46, andrew.wallace wrote:
Someone has recently post to a mailing list: http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080096.html
There's a serious vulnerability in the default ipv4 configuration too: Windows will accept a reply from any DHCP server which replies.
The fix right now is for Microsoft to disable IPv4 by default.I think I'm the first person in the world to notice this, so can you cross-post this to full-disclosure as a critical 0day? kthx,
Nick
Current thread:
- 0day Windows Network Interception Configuration Vulnerability andrew.wallace (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Andrew Kirch (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Valdis . Kletnieks (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Dan White (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Jeroen van Ingen (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Mikael Abrahamsson (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Jeroen van Ingen (Apr 04)
- Re: 0day Windows Network Interception Configuration Vulnerability Nick Hilliard (Apr 04)
- <Possible follow-ups>
- Re: 0day Windows Network Interception Configuration Vulnerability Johnny Eriksson (Apr 04)