Subject: Re: Ethernet vulnerabilty [CERT vulnerability note VU#412115]
To: None <firstname.lastname@example.org>
From: Christos Zoulas <email@example.com>
Date: 01/09/2003 18:39:34
In article <Pine.NEB.firstname.lastname@example.org>,
Brian Chase <email@example.com> wrote:
>The CERT site lists the status of NetBSD's drivers with respect to this
>vulnerablity as "unknown". Does anyone know whether our ethernet
>drivers suffer from the the listed vulnerability?
>The above url details the problem.
For most modern chips this is a non-issue because they do automatic
padding (now what they pad with, god knows; I hope it is zeros)...
For the most popular vintage chips (eg. lance) we pad zeros manually.
There are others that might be broken (3c501).