[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

was [Full-Disclosure] Core Internet Vulnerable - News at 11:00 -= Your message to Full-Disclosure awaits moderator approval

To: Full Disclosure List <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: was [Full-Disclosure] Core Internet Vulnerable - News at 11:00 -= Your message to Full-Disclosure awaits moderator approval
From: Steve Menard <smenard@xxxxxxxxxxx>
Date: Tue, 20 Apr 2004 22:45:23 -0300

Moderation of an un-moderated list at it's best
on an valid subject no less ....
I guess it's my bad as its not named early disclosure

So, malware below 20k ........ Ca CHING
Bet this fits whithin the 20K  ;-)
and takes what xx minutes to make it to the last victim

At 16:48 AST [1548EST] I sent David Ahmed's copy of [NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP] forwarded from the UK In reply to

Crist J. Clark wrote:

Does anyone know WTF they are trying to say in this AP article,
"Core Internet Technology Is Vulnerable,"
http://story.news.yahoo.com/news?tmpl=story&cid=562&ncid=738&e=1&u=/ap/20040420/ap_on_hi_te/internet_threat
It sounds like they are talking about a sequence number guessing
attack on TCP BGP sessions? Sequence number prediction isn't really
a new attack, but the story says,
 "Experts previously maintained such attacks could take between
  four years and 142 years to succeed because they require guessing
  a rotating number from roughly 4 billion possible combinations.
  Watson said he can guess the proper number with as few as four
  attempts, which can be accomplished within seconds."
Hmmm... Four attempts... And the story makes it sound like a cross-platform attack, not a bug in a particular OS's ISN generation. FUD or is there something here?


I found this [below] in my in basket
Luckily I sent Christ the email OFF_LINE
smenard

PS BONUS POINTS:  Dr Phil can't participate
can any one tell me why I feel like swearing?
full disclosure.....................Limited of course ;-)

Your mail to 'Full-Disclosure' with the subject

Re: [Full-Disclosure] Core Internet Vulnerable - News at 11:00

Is being held until the list moderator can review it for approval.

The reason it is being held:

Message body is too big: 46716 bytes but there's a limit of 20 KB

Either the message will get posted to the list, or you will receive
notification of the moderator's decision.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: was [Full-Disclosure] Core Internet Vulnerable - News at 11:00 -= Your message to Full-Disclosure awaits moderator approval
  - From: Byron Copeland

Prev by Date: RE: [Full-Disclosure] Core Internet Vulnerable - News at 11:00
Next by Date: re: [Full-Disclosure] Passwords for Chocolate!
Previous by thread: [Full-Disclosure] Linux kernel setsockopt MCAST_MSFILTER integer overflow proof of concept code
Next by thread: Re: was [Full-Disclosure] Core Internet Vulnerable - News at 11:00 -= Your message to Full-Disclosure awaits moderator approval
Index(es):
- Date
- Thread