remote kernel exploits?

[andy_mn () hushmail com]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hey

I've been hearing about this for the past year, but always shrugged
it off as fun-and-games at best or FUD at worst. A few days ago, though,
I posed the question to a friend who has been a very reliable source
in the past concerning exploit rumors and security gossip (among
many other things, he was able to give me two week's warning about
the Apache chunked encoding hole). He said in no uncertain terms
that although he has no substantial information concerning the flaws,
the Linux kernel, FreeBSD/OpenBSD kernel, and possibly other kernels
contain remote vulnerabilities that were discovered independently by
both a Bindview employee and/or an individual using the nickname ~el8.

The bugs are said to have something to do with integer manipulation in
the kernels' TCP/IP stacks. That's all he was able to offer me, but was
very forward in saying that he has full confidence based on
conversations with others that these bugs do indeed exist.

Now, there's always the chance I'll be wrong, but unless someone wishes
to comment on the technical plausibility of these vulnerabilities, I
have several second-rate reasons as to why I believe these rumours
are most likely just figments of the imagination:

- - I have not seen any incident reports on Incidents, or any other
mailing list for that matter.

- - You'd think several high profile sites would've been attacked already
with such devastating exploits, but I've seen no reports of this. In
fact, if the kids really did have such an exploit, you'd think they'd
tag their h4ndl3z all over high profile sites. But according to Alldas,
high profile defacements have been virtually nonexistent in the last
year or so.

- - Given the skill required to craft such an exploit, I'd think it
would be way out of the grasp of the kids. Since no researcher has
come forth with such a vulnerability, it's logical to conclude that
this does not exist.


Anyway, I'm very interested in hearing what others have to offer
concerning these rumors. Even if it's for reassurance ;>

- -- Andy



-----BEGIN PGP SIGNATURE-----
Version: Hush 2.1
Note: This signature can be verified at https://www.hushtools.com

wlwEARECABwFAj17ObAVHGFuZHlfbW5AaHVzaG1haWwuY29tAAoJEDRxILB1JtUKPLoA
n1do1g9fG+QCaKe5+dFeMu9Rw5KNAKCOLV2ToVpNRmmH2V2t1sdBsZi6ew==
=h3o0
-----END PGP SIGNATURE-----




Get your free encrypted email at https://www.hushmail.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com