| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAJtJjZugefu-7watgTV6ZfcaPJEOXb0wmyLZCHX=OmMS921TBQ@mail.gmail.com>
Date: Wed, 9 Nov 2011 14:51:48 +0000
From: Darren Martyn <d.martyn.fulldisclosure@...il.com>
To: Georgi Guninski <guninski@...inski.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Microsoft Windows vulnerability in TCP/IP
Could Allow Remote Code Execution (2588516)
Oddly enough, I was aware the kernel has to handle packets sent to "closed"
ports, just was not thinking of HOW it handles them. I would love to see
the code for that, and am planning to look at the same code on Linux so I
can see exactly what the hell it does.
On Wed, Nov 9, 2011 at 1:56 PM, Georgi Guninski <guninski@...inski.com>wrote:
> On Tue, Nov 08, 2011 at 11:53:52PM +0200, Henri Salo wrote:
> > http://technet.microsoft.com/en-us/security/bulletin/ms11-083
> >
> > "The vulnerability could allow remote code execution if an attacker
> sends a continuous flow of specially crafted UDP packets to a closed port
> on a target system."
> >
> > Microsoft did it once again.
> >
> > - Henri Salo
> >
>
> Imagine if you knew about this a few years ago...
>
> --
> j
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
My Homepage :D <http://compsoc.nuigalway.ie/%7Einfodox>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists