Bugtraq mailing list archives

Re: Loopback and multi-homed routing flaw in TCP/IP stack.

From: MaD dUCK <madduck () MADDUCK NET>
Date: Mon, 5 Mar 2001 19:50:42 -0500

also sprach Kyle Sparger (on Mon, 05 Mar 2001 06:03:04PM -0500):

This information is incorrect;  Linux does 'suffer' from this in at least
version 2.2.  I believe it also 'suffers' from this in 2.4.  It's easy
enough to replicate.  For example, on ethernet, just assign a static
MAC address for the IP in question for the server in question, and you'll
get access to the appropriate interface.


2.2 is vulnerable, but 2.4 is not. as far as i can tell, 2.4 systems
don't even have a localhost routing entry anymore.

martin

[greetings from the heart of the sun]# echo madduck@!#:1:s@\@@@.net
--
your fly might be open (but don't check it just now).

Current thread:

Re: Loopback and multi-homed routing flaw in TCP/IP stack., (continued)
- - Re: Loopback and multi-homed routing flaw in TCP/IP stack. ddowney (Mar 05)
  - Re: Loopback and multi-homed routing flaw in TCP/IP stack. John Cronin (Mar 05)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Ben Laurie (Mar 06)
  - Re: Loopback and multi-homed routing flaw in TCP/IP stack. ddowney (Mar 05)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Perry Harrington (Mar 05)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Ben Laurie (Mar 06)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Perry Harrington (Mar 06)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Ben Laurie (Mar 06)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Dan Harkless (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Kyle Sparger (Mar 05)
  - Re: Loopback and multi-homed routing flaw in TCP/IP stack. MaD dUCK (Mar 05)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. J. Bol (Mar 06)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Kyle Sparger (Mar 06)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Kurt Seifried (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Neil W Rickert (Mar 05)
  - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Ben Laurie (Mar 06)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. David Litchfield (Mar 06)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Robert Collins (Mar 06)
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Lincoln Yeoh (Mar 07)
  - Message not available
    - Re: Loopback and multi-homed routing flaw in TCP/IP stack. Lars Mathiesen (Mar 06)
- Re: Loopback and multi-homed routing flaw in TCP/IP stack. Lothar Beta (Mar 06)

(Thread continues...)