Subject: Re: Article
To: Steven M. Bellovin <email@example.com>
From: Manuel Bouyer <firstname.lastname@example.org>
Date: 01/11/2003 21:47:54
On Thu, Jan 09, 2003 at 11:06:46AM -0500, Steven M. Bellovin wrote:
> In message <email@example.com>, Mihai Chelaru writes:
> >Anyone read this ?
> >"The Linux, NetBSD and Microsoft Windows operating systems are known to
> >have vulnerable link layer implementations, and it is extremely likely
> >that other operating systems are also affected."
> >Any official position regarding this ?
> Speaking for myself, I think this is a non-issue. (It's also been
> known for years.) It's only a vulnerability if the attacker is on the
> same LAN; if that's the case, ARP-spoofing can yield all traffic, just
No, it's not restricted to the LAN. If you can make the system send you
a packet smaller than ETHER_MIN_LEN, and the system has a vulnerable driver,
the packet with the leaked data will be routed to your system.
Manuel Bouyer <firstname.lastname@example.org>
NetBSD: 23 ans d'experience feront toujours la difference