On Thu, Jan 09, 2003 at 11:06:46AM -0500, Steven M. Bellovin wrote:
> In message <200301091749.47019.kefren@netbastards.org>, Mihai Chelaru writes:
> >Anyone read this ? 
> >http://www.eweek.com/article2/0,3959,809353,00.asp?kc=EWTH102099TX1K0100487
> >
> >"The Linux, NetBSD and Microsoft Windows operating systems are known to 
> >have vulnerable link layer implementations, and it is extremely likely 
> >that other operating systems are also affected." 
> >
> >Any official position regarding this ?
> >
> 
> Speaking for myself, I think this is a non-issue.  (It's also been 
> known for years.)  It's only a vulnerability if the attacker is on the 
> same LAN; if that's the case, ARP-spoofing can yield all traffic, just 

No, it's not restricted to the LAN. If you can make the system send you
a packet smaller than ETHER_MIN_LEN, and the system has a vulnerable driver,
the packet with the leaked data will be routed to your system.

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 23 ans d'experience feront toujours la difference
--