Subject: Re: Article
To: Steven M. Bellovin <email@example.com>
From: Charles M. Hannum <firstname.lastname@example.org>
Date: 01/09/2003 16:12:38
> Speaking for myself, I think this is a non-issue. (It's also been
> known for years.) It's only a vulnerability if the attacker is on the
> same LAN; if that's the case, ARP-spoofing can yield all traffic, just
> just a few bytes from random packets. (If it's an unswitched LAN, you
> don't even need that.)
It's definitely been known for years -- I remember arguing with some
implementors about it myself.
Anyway, the problem is not leaking data from other packets, so much as
leaking random data from memory. mbufs are not explicitly cleared
when they're allocated.