Bugtraq mailing list archives

Re: Loopback and multi-homed routing flaw in TCP/IP stack.


From: Darren Reed <avalon () COOMBS ANU EDU AU>
Date: Wed, 7 Mar 2001 09:58:58 +1100

In some mail from Woody, sie said:

> Subject: Loopback and multi-homed routing flaw in TCP/IP stack.
> Author: Woody <woody () thebunker net>
>
> We believe there to be a serious security flaw in the TCP/IP stack of
> several Unix-like operating systems. Whilst being "known" behavior on
> technical mailing lists, we feel that the implications of this
> "feature" are unexpected. Furthermore, not all platforms behave in the
> same way, which will obviously lead to invalid expectations.
>
> PLEASE NOTE: We have received a lot of replies to this advisory from
>         developers who have missed the point. Before you reply, please
>         read the advisory at least twice, to ensure you understand its
>         implications, and scope.

No, I think you should have listened to people before you posted this.
You clearly didn't, on a number of different fronts, including that for
Solaris.  Really, if you're going to post a security advisory and want
to comment about Solaris you should at least go to the trouble of getting
the Solaris8 source code, for a recent reference.

The localhost issue where remote hosts can connect to localhost addresses
on other boxes is an issue, yes, but the other...no.

Much has been said about the strong vs weak ES model here so I'll not
debate that any further.  Suffice to say that it wasn't as unknown as
you wanted to claim and people were happy with it.  As you've been made
aware, it's been known as a bug in NetBSD since 1995.

The other part of your advisory is the argument that IP addresses on
an interface should not be reachable, by default, through others because
people bind things to particular interfaces for security reasons and
that people would be surprised to find out it's not like that.  Well,
any admin who's set up something like that and gone on to not test his
configuration is being careless.  The expectation of implied filtering
of packets is an illusion created by that person for themselves.  I've
not read anywhere that the behaviour is documented to be such.  Your
claim that this is wrong is just your opinion and typically security
advisories are based on factual security flaws, not opinions.  The
security problem here is in people not testing "security" they think
they have put in place.
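
Added example, not part of the original post or of any code by its author: a small audit that sorts a host's TCP listeners by how they are bound, so the ones relying on a bind address alone (the two cases argued over above) can be tested from another interface or covered by an explicit filter rule. It assumes the Linux /proc/net/tcp layout on a little-endian host; the sample rows are constructed and the function name is hypothetical.

```python
import ipaddress
import socket
import struct

# Constructed sample in the Linux /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   105        0 1002
   2: 0A01A8C0:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000    33        0 1003
   3: 0A01A8C0:0016 0501A8C0:C350 01 00000000:00000000 00:00000000 00000000     0        0 1004
"""

# What each binding style does and does not give you.
NOTES = {
    "wildcard": "accepts on every local address; no restriction intended",
    "loopback": "relies on the stack dropping 127/8 traffic that arrives from the wire",
    "single-address": "matches destination address only; on a weak ES host the "
                      "address can be reached through other interfaces",
}


def classify_listeners(proc_net_tcp_text):
    """Return (address, port, kind) for every socket in LISTEN state."""
    findings = []
    for line in proc_net_tcp_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 4 or fields[3] != "0A":         # 0A = TCP_LISTEN
            continue
        hex_addr, hex_port = fields[1].split(":")
        # Assumption: little-endian host, so the hex word is byte-swapped.
        packed = struct.pack("<I", int(hex_addr, 16))
        addr = ipaddress.ip_address(socket.inet_ntoa(packed))
        if addr.is_unspecified:
            kind = "wildcard"
        elif addr.is_loopback:
            kind = "loopback"
        else:
            kind = "single-address"
        findings.append((str(addr), int(hex_port, 16), kind))
    return findings


if __name__ == "__main__":
    for addr, port, kind in classify_listeners(SAMPLE):
        print(f"{addr}:{port:<5} {kind:<14} {NOTES[kind]}")
```

On a real Linux host, pass the contents of /proc/net/tcp instead of SAMPLE, then probe each "loopback" and "single-address" entry from a machine on a different interface to confirm what is actually reachable.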

