Bugtraq mailing list archives
Re: Loopback and multi-homed routing flaw in TCP/IP stack.
From: bert hubert <ahu () DS9A NL>
Date: Tue, 6 Mar 2001 23:01:40 +0100
On Tue, Mar 06, 2001 at 01:34:18PM +0300, 3APA3A wrote:
Windows NT behaves same way - it will accept connection to internal address through external interface even if routing is not enabled (I'm not sure about loopback). Then configuring Cisco routers it's quite
One thing that hasn't been clearly stated, although it's obvious to experts: this vulnerability is only available for people who are already on your subnet. So it IS a 'remote vulnerability' but only for people who are on your subnet. So if you have a DMZ with no untrusted computers on the subnet, this will not harm you. I still feel that this is a pretty stupid oversight - if routing is switched off as it SHOULD or even MUST be on a host, this is not supposed to happen. Regards, bert -- http://www.PowerDNS.com Versatile DNS Services Trilab The Technology People 'SYN! .. SYN|ACK! .. ACK!' - the mating call of the internet
Current thread:
- Re: Loopback and multi-homed routing flaw in TCP/IP stack., (continued)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Ben Laurie (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. David Litchfield (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Robert Collins (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Lincoln Yeoh (Mar 07)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Ben Laurie (Mar 06)
- Message not available
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Lars Mathiesen (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. David Damerell (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Martin Macok (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. 3APA3A (Mar 07)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. bert hubert (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Crist Clark (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Woody (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Lupe Christoph (Mar 07)