[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
- To: Georgi Guninski <guninski@xxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
- From: Darren Martyn <d.martyn.fulldisclosure@xxxxxxxxx>
- Date: Wed, 9 Nov 2011 14:51:48 +0000
Oddly enough, I was aware the kernel has to handle packets sent to "closed"
ports, just was not thinking of HOW it handles them. I would love to see
the code for that, and am planning to look at the same code on Linux so I
can see exactly what the hell it does.
On Wed, Nov 9, 2011 at 1:56 PM, Georgi Guninski <guninski@xxxxxxxxxxxx>wrote:
> On Tue, Nov 08, 2011 at 11:53:52PM +0200, Henri Salo wrote:
> > http://technet.microsoft.com/en-us/security/bulletin/ms11-083
> >
> > "The vulnerability could allow remote code execution if an attacker
> sends a continuous flow of specially crafted UDP packets to a closed port
> on a target system."
> >
> > Microsoft did it once again.
> >
> > - Henri Salo
> >
>
> Imagine if you knew about this a few years ago...
>
> --
> j
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
My Homepage :D <http://compsoc.nuigalway.ie/%7Einfodox>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/