Bugtraq
mailing list archives
Re: Loopback and multi-homed routing flaw in TCP/IP stack.
From: bert hubert <ahu () DS9A NL>
Date: Tue, 6 Mar 2001 23:01:40 +0100
On Tue, Mar 06, 2001 at 01:34:18PM +0300, 3APA3A wrote:
> Windows NT behaves the same way - it will accept connection to internal
> address through external interface even if routing is not enabled (I'm
> not sure about loopback). Then configuring Cisco routers it's quite
One thing that hasn't been clearly stated, although it's obvious to experts:
this vulnerability is only available for people who are already on your
subnet.
So it IS a 'remote vulnerability' but only for people who are on your
subnet. So if you have a DMZ with no untrusted computers on the subnet, this
will not harm you.
I still feel that this is a pretty stupid oversight - if routing is switched
off as it SHOULD or even MUST be on a host, this is not supposed to happen.
Regards,
bert
--
http://www.PowerDNS.com Versatile DNS Services
Trilab The Technology People
'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
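
Added example, not part of the original message or of any poster's code: a small model of the behaviour discussed in this thread, comparing a host that accepts any local destination address on any interface (the "weak" end-system model in RFC 1122 terms) with one that only accepts a destination on the interface that owns it ("strong" model). The interface names, addresses and packets are constructed for illustration.

```python
import ipaddress

# Constructed interface table for a multi-homed host with routing disabled.
INTERFACES = {
    "lo":   ipaddress.ip_interface("127.0.0.1/8"),
    "eth0": ipaddress.ip_interface("192.0.2.10/24"),   # external side
    "eth1": ipaddress.ip_interface("10.0.0.1/24"),     # internal side
}

def owner_of(dst):
    """Return the interface that owns dst ('lo' for all of 127/8), else None."""
    dst = ipaddress.ip_address(dst)
    if dst.is_loopback:
        return "lo"
    for name, iface in INTERFACES.items():
        if iface.ip == dst:
            return name
    return None

def weak_host_accepts(in_if, dst):
    """Weak model: any local address is delivered, whatever the ingress interface."""
    return owner_of(dst) is not None

def strong_host_accepts(in_if, dst):
    """Strong model: the destination must belong to the receiving interface."""
    return owner_of(dst) == in_if

def audit(packets):
    """Return packets a weak host delivers locally but a strong host drops."""
    return [p for p in packets
            if weak_host_accepts(p[0], p[2]) and not strong_host_accepts(p[0], p[2])]

# Constructed sample traffic: (ingress interface, source, destination).
PACKETS = [
    ("eth0", "192.0.2.77", "192.0.2.10"),  # normal traffic to the external address
    ("eth0", "192.0.2.77", "10.0.0.1"),    # internal address reached via eth0
    ("eth0", "192.0.2.77", "127.0.0.1"),   # loopback destination seen on the wire
    ("eth1", "10.0.0.5",   "10.0.0.1"),    # normal internal traffic
]

if __name__ == "__main__":
    for in_if, src, dst in audit(PACKETS):
        print(f"{in_if}: {src} -> {dst} accepted only under the weak model")
```

The two flagged packets are the ones an ingress filter on the external interface should drop.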