[nsp-sec] Potential TCP / IP vulnerabilities announcedmidOctober - Outpost24 interview
Eronen Juhani
juhani.eronen at ficora.fi
Wed Oct 1 11:39:41 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Florian Weimer
> Sent: 1. lokakuuta 2008 10:18
> To: Barry Raveendran Greene
> Cc: nsp-security at puck.nether.net
> Subject: Re: [nsp-sec] Potential TCP / IP vulnerabilities
> announcedmidOctober - Outpost24 interview
>
> ----------- nsp-security Confidential --------
> I didn't list Naphta because mitigation seems possible possible at
> the application level, without kernel API changes. For instance,
> at one point, the Rock phishing proxy was relatively immune this
> type of
> attack (much more than a default Apache configuration).
Outpost24 contacted us at CERT-FI to coordinate fixing this flaw.
Unfortunately
they also chose to present on the issues all the same. In many senses
the issue
has a certain Kaminsky-ring to it. Their attack draws on known
issues, and the
question here really is if the attack has anything new and
significant to
contribute. We are still in the process of determining this.
We would like to hear more on these types of mitigations for existing
attacks.
- -Jussi
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBSOOZsf+uGgthPsivEQKKPACdHBGH/BF1jw/m5eoBUrQppBjFMSYAn24V
gDo94ze6Rc9jMR5UheSMZ31F
=kz1S
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list