Re: NetBSD Security Advisory 1999-010

From: Olaf Kirch (okirat_private)
Date: Fri May 21 1999 - 07:59:21 PDT

Next message: Oystein Viggen: "Re: Solaris libc exploit"

Previous message: Philip Rowlands: "Re: tcsh overflow"
Maybe in reply to: matthew green: "NetBSD Security Advisory 1999-010"
Next in thread: Ryan Russell: "Re: NetBSD Security Advisory 1999-010"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Talking of ARP, at least Linux has the problem that it blindly accepts
whatever hardware address it finds in the ARP response -- be it the
MAC broadcast address, or a multicast one. Not sure wheter other
OSs are affected.

I didn't find anything dangerous you can do with this, unless there's
some really stupid IP stack that tries to forward IP packets that were
sent to the MAC broadcast--that would indeed be network meltdown. But
I haven't seen such a stack.

I reported this to Alan a week or two ago, so I would assume that
it has been fixed in the meanwhile :)

Olaf
--
Olaf Kirch         |  --- o --- Nous sommes du soleil we love when we play
okirat_private  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax

Next message: Oystein Viggen: "Re: Solaris libc exploit"
Previous message: Philip Rowlands: "Re: tcsh overflow"
Maybe in reply to: matthew green: "NetBSD Security Advisory 1999-010"
Next in thread: Ryan Russell: "Re: NetBSD Security Advisory 1999-010"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:46:33 PDT