|
Message-ID: <4F5AEB61.3070509@redhat.com> Date: Fri, 09 Mar 2012 22:49:21 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Eric Leblond <eric@...it.org> Subject: Re: Attack on badly configured Netfilter-based firewalls -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/09/2012 04:01 PM, Eric Leblond wrote: > Hello, > > On Mon, 2012-02-27 at 14:46 +0100, Eric Leblond wrote: >> Hello, >> >> On Mon, 2012-02-27 at 05:25 +0400, Solar Designer wrote: >>> Eugene, all - >>> >>> On Mon, Feb 27, 2012 at 09:19:59AM +0800, Eugene Teo wrote: > ... > >> e it to Eric much earlier), >>> Eric would post to the list e.g. in January and ask for the >>> issue to be kept private until March - thereby violating the >>> list's maximum embargo period. > > The slides and videos of my CansecWest talk are available: > http://home.regit.org/2012/03/playing-with-network-layers-to-bypass-firewalls-filtering-policy/ > > I've done a complete description of the attack and also > demonstrate the need to be careful with the use of helpers. > > BR, Are there any specific issues for which you need CVE's? (haven't had time to view the slides yet, hopefully soon). - -- Kurt Seifried Red Hat Security Response Team (SRT) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJPWuthAAoJEBYNRVNeJnmTIM8QAMJkVHzHjQOAGyKXuajUfwLo EHX2pd7gosTir5Bi5MB6IJFlzDBRDPzD9Sj3m3zc+pYdory/J0yS38/iwodm4qAZ M6i/MV0Fs6WB+WWYlgj/8wD3o+0vU2qaBkQ2Y6CUw+fh1EV+uB5eh/JiE4s2kLrc gmhM3tc/4ebAzJT0LD8IZKqVokRvSkNSLltcW13fLVY2+kJxy4Skf2NrqBdtkwDT 5C8d4CuGyOe6iJ9fWQ3B2PCC+pf4S9Ywmef5omJv6v9hzlqxm8DQ49vjkkTToK71 VHjsPHSLcJnGjm08NlEb8Yhvh+oDWWiAYosRT9nBtGSoFou+WZGXKdQOQcMRRwd2 7Iwng4VRUqzqYqa93SQ07974SfzscF6hs1QWslUWXqHZfStp95iY6SU/shCuEyX8 PerHjlmnyayq8EuJWb9Wvv7/4a7/BEfYduKC8fRbtRnbNpgwtIk3VEo2aLRHHfeh cVIwUEgkMHFH0jzBghVrHnkteHAH3B37YWjIt3VHc6n8BWr516s8uleoclrM1q5S 15fkrnjCbRGqjRPOnCzPzKP0g0kRqotmr8VbJpTd4i2JBMm7sZk9ip2+F+iJRw8d f4e2n2mfRW0X4uUVUXXyCX7fMZ3H0mR52FBhOD8+I+PwwHrbgRcgTjjXp0qzcl+Y fSFjEfrMd1BAwIHNW7Uz =KyjP -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.