Vulnerability Development mailing list archives
Re: smk
From: c0n <root () DEF-CON ORG>
Date: Thu, 11 Jan 2001 04:18:40 -0600
I think that I actually lost brain cell's by reading that. It just hurt my head to think anyone could be so misinformed. "I will use the NON-R0UTABLE 127.0.0.1 client setting for this demonstration (most commonly used IP for LAN settings)" What? ok, sure. -c0n The greatest of all faults is to be conscious of none -Thomas Carlyle 1795-1881 On Wed, 10 Jan 2001, Ryan Permeh wrote:
perhaps this just wasn't written in a way i could understand, but from what i gathered, it looked like they were trying to do some kind of dns redirection attack, paired with the routing of the loopback address(not even sure why anyone would want to route this, since it ususally will never even send a packet on the wire). I'm not certain i'm seeing any new vulnerabilities, or any vulnerabilities at all. it wasn't written in a way where i could understand their test scenarios, or the processes they used, or even really what the end result should have been. perhaps someone who read this and understood it better could comment further, but from the information in there, i couldn't see any problems, ither than a presupposed NIC Registry spoof and a bad routing table on router X. Signed, Ryan eEye Digital Security Team http://www.eEye.com ----- Original Message ----- From: "Jim Carr" <viper () BEA COM> To: <VULN-DEV () SECURITYFOCUS COM> Sent: Tuesday, January 09, 2001 10:51 AM Subject: smkI haven't heard any chat about this from Stray Mountain Kitty about a NAT exploit. http://www.cryptography.ws/smk/smk-vun.001.001.htm Has anyone have any ideas or heard about this? Viper Team viper () bea com
--