Vulnerability Development mailing list archives

Re: smk

From: Ryan Permeh <ryan () EEYE COM>
Date: Wed, 10 Jan 2001 09:28:22 -0800

perhaps this just wasn't written in a way i could understand, but from what
i gathered, it looked like they were trying to do some kind of dns
redirection attack, paired with the routing of the loopback address(not even
sure why anyone would want to route this, since it ususally will never even
send a packet on the wire). I'm not certain i'm seeing any new
vulnerabilities, or any vulnerabilities at all.  it wasn't written in a way
where i could understand their test scenarios, or the processes they used,
or even really what the end result should have been.  perhaps someone who
read this and understood it better could comment further, but from the
information in there, i couldn't see any problems, ither than a presupposed
NIC Registry spoof and a bad routing table on router X.
Signed,
Ryan
eEye Digital Security Team
http://www.eEye.com

----- Original Message -----
From: "Jim Carr" <viper () BEA COM>
To: <VULN-DEV () SECURITYFOCUS COM>
Sent: Tuesday, January 09, 2001 10:51 AM
Subject: smk

I haven't heard any chat about this from Stray Mountain Kitty about a NAT
exploit.
http://www.cryptography.ws/smk/smk-vun.001.001.htm

Has anyone have any ideas or heard about this?

Viper Team
viper () bea com

Current thread:

smk Jim Carr (Jan 09)
- Re: smk Dan Kaminsky (Jan 10)
- Re: smk Ryan Permeh (Jan 10)
  - Re: smk c0n (Jan 11)