Dailydave mailing list archives

Re: Remote kernel bug in SCTP?

From: Dragos Ruiu <dr () kyx net>
Date: Sat, 14 Mar 2009 13:25:26 -0700


On 14-Mar-09, at 12:55 AM, Nicolas RUFF wrote:

Did everyone else already know about this bug? So you connect to an  
SCTP
endpoint, then send a packet to overwrite arbitrary kernel data?  
That'd
be cool.


If you can read French (and I know some people in your team does ;),  
you
will find more information about this bug here:

http://esec.fr.sogeti.com/blog/index.php?2009/01/08/48-correction-silencieuse-d-une-vulnerabilite-dans-le-noyau-linux


BTW. Happy Birthday Nicolas.

cheers,
--dr


--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada  March 16-20 2009  http://cansecwest.com
London, U.K. May 27/28 2009 http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Remote kernel bug in SCTP? dave (Mar 13)
- Re: Remote kernel bug in SCTP? Nicolas RUFF (Mar 14)
  - Re: Remote kernel bug in SCTP? Dragos Ruiu (Mar 14)
  - Re: Remote kernel bug in SCTP? Fionnbharr (Mar 15)
    - Re: Remote kernel bug in SCTP? Gabriel Campana (Mar 16)
    - Re: Remote kernel bug in SCTP? Nicolas RUFF (Mar 16)