Subject: Re: Article
To: Mihai Chelaru <kefren@netbastards.org>
From: Steven M. Bellovin <smb@research.att.com>
List: current-users
Date: 01/09/2003 11:06:46
In message <200301091749.47019.kefren@netbastards.org>, Mihai Chelaru writes:
>Anyone read this?
>http://www.eweek.com/article2/0,3959,809353,00.asp?kc=EWTH102099TX1K0100487
>
>"The Linux, NetBSD and Microsoft Windows operating systems are known to 
>have vulnerable link layer implementations, and it is extremely likely 
>that other operating systems are also affected." 
>
>Any official position regarding this?
>

Speaking for myself, I think this is a non-issue.  (It's also been 
known for years.)  It's only a vulnerability if the attacker is on the 
same LAN; if that's the case, ARP-spoofing can yield all traffic, just 
just a few bytes from random packets.  (If it's an unswitched LAN, you 
don't even need that.)

		--Steve Bellovin, http://www.research.att.com/~smb (me)
		http://www.wilyhacker.com (2nd edition of "Firewalls" book)