[plug] [cert-advisory at cert.org: CERT Advisory CA-2001-08]
Simon Scott
simon.scott at flexiplan.com
Wed Apr 11 14:10:45 WST 2001
OK, so how does that work?
I mean, if you are using IP-Masquerading for all intents and
purposes the internal machines are invisible. How do they designate to send
the packet to the internal network???? Wouldnt the server just
accept/reject/deny it?
From: Matt Kemner <zombie at wasp.net.au> on 11-04-2001 02:02 PM
Please respond to plug at plug.linux.org.au@SMTP at Exchange
To: plug at plug.linux.org.au@SMTP at Exchange
cc:
Subject: Re: [plug] [cert-advisory at cert.org: CERT Advisory
CA-2001-08]
On Wed, 11 Apr 2001, Jason Nicholls wrote:
> NOTE: I think this is the only way for the exploit to work, ie the
local
> interface connecting the ADSL modem is up (plus some other probs).
So perhaps
> bring down eth1 after and remove the IP settings when you're done.
I got the impression uploading the firmware was easier than that,
and
doesn't require any of the internal hosts to be set to certain IP
addresses, it just requires one of them to have port 7/udp (echo)
open and
functioning, so they can bounce packets off it.
- Matt
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************
More information about the plug
mailing list