lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200209081143.g88Bhni25539@mailserver2.hushmail.com>
From: andy_mn at hushmail.com (andy_mn@...hmail.com)
Subject: remote kernel exploits?

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey

I've been hearing about this for the past year, but always shrugged
it off as fun-and-games at best or FUD at worst. A few days ago, though,
I posed the question to a friend who has been a very reliable source
in the past concerning exploit rumors and security gossip (among
many other things, he was able to give me two week's warning about
the Apache chunked encoding hole). He said in no uncertain terms
that although he has no substantial information concerning the flaws,
the Linux kernel, FreeBSD/OpenBSD kernel, and possibly other kernels
contain remote vulnerabilities that were discovered independently by
both a Bindview employee and/or an individual using the nickname ~el8.

The bugs are said to have something to do with integer manipulation in
the kernels' TCP/IP stacks. That's all he was able to offer me, but was
very forward in saying that he has full confidence based on
conversations with others that these bugs do indeed exist.

Now, there's always the chance I'll be wrong, but unless someone wishes
to comment on the technical plausibility of these vulnerabilities, I
have several second-rate reasons as to why I believe these rumours
are most likely just figments of the imagination:

- - I have not seen any incident reports on Incidents, or any other
mailing list for that matter.

- - You'd think several high profile sites would've been attacked already
with such devastating exploits, but I've seen no reports of this. In
fact, if the kids really did have such an exploit, you'd think they'd
tag their h4ndl3z all over high profile sites. But according to Alldas,
high profile defacements have been virtually nonexistent in the last
year or so.

- - Given the skill required to craft such an exploit, I'd think it
would be way out of the grasp of the kids. Since no researcher has
come forth with such a vulnerability, it's logical to conclude that
this does not exist.


Anyway, I'm very interested in hearing what others have to offer
concerning these rumors. Even if it's for reassurance ;>

- -- Andy



-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wlwEARECABwFAj17ObAVHGFuZHlfbW5AaHVzaG1haWwuY29tAAoJEDRxILB1JtUKPLoA
n1do1g9fG+QCaKe5+dFeMu9Rw5KNAKCOLV2ToVpNRmmH2V2t1sdBsZi6ew==
=h3o0
-----END PGP SIGNATURE-----




Get your free encrypted email at https://www.hushmail.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com





Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ