[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [CVE-2012-0207] Linux IGMP Remote Denial Of Service



On 18 January 2012 09:38, HI-TECH .
<isowarez.isowarez.isowarez@xxxxxxxxxxxxxx> wrote:
> Tested and vulnerable against:
> * Linux kernels above or equal to 2.6.36 (local network)
>
> Untested
> * Your iPhone
> * I heard of rumours that the bug is triggerable using unicast
> addresses across the internet
>
> Am 17. Januar 2012 22:14 schrieb Dan Kaminsky <dan@xxxxxxxxxxx>:
>> LAN-only, no?
>>
>> Sent from my iPhone
>>
>> On Jan 17, 2012, at 4:11 PM, "HI-TECH ." 
>> <isowarez.isowarez.isowarez@xxxxxxxxxxxxxx> wrote:
>>
>>> Demonstration of the Exploit:
>>> http://www.youtube.com/watch?v=78nAxh70yZE (thanks ClsHack)
>>>
>>> see attached content
>>>
>>> /Kingcope
>>> <undeadattack.c>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/


Best comeback i think i have seen on FD :)
thx for the morning laff,

also people dont realise that this is possible that this was only a
'poc' and not a really hardcore working d0s, but, you would probably
only need to modify optarg and possibly look at the igmp v3 packet
abit closer, better yet, look back to the bugs in the icmp stack, and
there was the same bugs in those years but they would cause the
machine to be rendered unuseable.
I suspect that this is only a 'snippet' of the reeel deal ;)
cheers kope, see you online in 5minutes!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/