Home page logo
/

nanog logo nanog mailing list archives

Re: 0day Windows Network Interception Configuration Vulnerability
From: Nick Hilliard <nick () foobar org>
Date: Mon, 04 Apr 2011 18:53:42 +0100

On 04/04/2011 16:46, andrew.wallace wrote:
Someone has recently post to a mailing list:
http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080096.html

There's a serious vulnerability in the default ipv4 configuration too: Windows will accept a reply from any DHCP server which replies.

The fix right now is for Microsoft to disable IPv4 by default.

I think I'm the first person in the world to notice this, so can you cross-post this to full-disclosure as a critical 0day? kthx,

Nick


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]