Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Linux Kernel Exploits / ABFrag
From: Cedric Blancher <blancher () cartel-securite fr>
Date: 17 Oct 2002 23:09:24 +0200

Le jeu 17/10/2002 à 22:55, huang po a écrit :
Even if it were true, it would be very much more harder to write so
that it would affect *different* OS's: the differences in the TCP
stacks are not that large, but significant for at least this purpose.

I completly agree this point.

For now, only concrete thing I saw about this rumor was kind of social
engineering stuff based on some "Bet you I can root your box through TCP
stack ?" challenge aimed to have target admin trace the attack using a
vulnerable tcpdump.

I can be wrong, but it seems to me quite difficult to have a kernel
exploit that works on both BSD and Linux, using the same
vulnerability...

-- 
Cédric Blancher  <blancher () cartel-securite fr>
IT systems and networks security expert  - Cartel Sécurité
Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99
PGP KeyID:157E98EE  FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]