Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: VU#210321

  • From: Derek Samford
  • Date: Tue Sep 10 10:41:31 2002

Ian,
	So right now this is a scary rumor floating around the security
scene? Is there any particular trace, or any further details your aware
of? Also, I think it may be safe to assume the Mac OS X/Jaguar may be
vulnerable as well. AFAIK it runs of the BSD IP Stack, so it's more than
likely that it is vulnerable if this exploit is in fact a reality. I'll
keep an eye out for any suspicious traffic myself, as I'm sure will the
rest of the list. Thanks for the warning, as if this is real, it could
be be potentially very harmful. Any great C Coders out there start
pouring over the code yet?

Derek

> -----Original Message-----
> From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf
Of
> CERT(R) Coordination Center
> Sent: Tuesday, September 10, 2002 10:16 AM
> To: nanog@merit.edu
> Cc: CERT(R) Coordination Center
> Subject: VU#210321
> 
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Hello,
> 
> The CERT/CC has recently seen discussions in a public forum detailing
> potential vulnerabilities in several TCP/IP implementations (Linux,
> OpenBSD, and FreeBSD). We are particularly concerned about these types
> of vulnerabilities because they have the potential to be exploited
> even if the target machine has no open ports.
> 
> The messages can be found here:
> 
> http://lists.netsys.com/pipermail/full-disclosure/2002-
> September/001667.html
> http://lists.netsys.com/pipermail/full-disclosure/2002-
> September/001668.html
> http://lists.netsys.com/pipermail/full-disclosure/2002-
> September/001664.html
> http://lists.netsys.com/pipermail/full-disclosure/2002-
> September/001643.html
> 
> Note that one individual claims two exploits exist in the
> underground. At this point in time, we do not have any more
> information, nor have we been able to confirm the existence of these
> vulnerabilities.
> 
> We would appreciate any feedback or insight you may have. We will
> continue to keep an eye out for further discussions regarding this
> topic.
> 
> FYI,
> Ian
> 
> Ian A. Finlay
> CERT (R) Coordination Center
> Software Engineering Institute
> Carnegie Mellon University
> Pittsburgh, PA  USA  15213-3890
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 5.0i for non-commercial use
> Charset: noconv
> 
> iQCVAwUBPX3/VqCVPMXQI2HJAQFEqQQAr54e9c5SGgrIfmK5+EWqSOdvySKRtjwa
> 6dE4Z4DcoyHS57W5BEwW2OSXSGwrBL+mzippfTEnwAVT/otLYAADsnlPSQioRYNi
> qHVh8yRXgh3kBgx3cMdhe3NC6zaSWffOsc/EvhkCDo2xa8FQItOqE5MjOeASjt1L
> st5qq4mgM+E=
> =kHt1
> -----END PGP SIGNATURE-----



  • References:


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.