Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 09 Mar 2012 22:49:21 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Eric Leblond <eric@...it.org>
Subject: Re: Attack on badly configured Netfilter-based firewalls

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/09/2012 04:01 PM, Eric Leblond wrote:
> Hello,
> 
> On Mon, 2012-02-27 at 14:46 +0100, Eric Leblond wrote:
>> Hello,
>> 
>> On Mon, 2012-02-27 at 05:25 +0400, Solar Designer wrote:
>>> Eugene, all -
>>> 
>>> On Mon, Feb 27, 2012 at 09:19:59AM +0800, Eugene Teo wrote:
> ...
> 
>> e it to Eric much earlier),
>>> Eric would post to the list e.g. in January and ask for the
>>> issue to be kept private until March - thereby violating the
>>> list's maximum embargo period.
> 
> The slides and videos of my CansecWest talk are available: 
> http://home.regit.org/2012/03/playing-with-network-layers-to-bypass-firewalls-filtering-policy/
>
>  I've done a complete description of the attack and also
> demonstrate the need to be careful with the use of helpers.
> 
> BR,

Are there any specific issues for which you need CVE's? (haven't had
time to view the slides yet, hopefully soon).

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJPWuthAAoJEBYNRVNeJnmTIM8QAMJkVHzHjQOAGyKXuajUfwLo
EHX2pd7gosTir5Bi5MB6IJFlzDBRDPzD9Sj3m3zc+pYdory/J0yS38/iwodm4qAZ
M6i/MV0Fs6WB+WWYlgj/8wD3o+0vU2qaBkQ2Y6CUw+fh1EV+uB5eh/JiE4s2kLrc
gmhM3tc/4ebAzJT0LD8IZKqVokRvSkNSLltcW13fLVY2+kJxy4Skf2NrqBdtkwDT
5C8d4CuGyOe6iJ9fWQ3B2PCC+pf4S9Ywmef5omJv6v9hzlqxm8DQ49vjkkTToK71
VHjsPHSLcJnGjm08NlEb8Yhvh+oDWWiAYosRT9nBtGSoFou+WZGXKdQOQcMRRwd2
7Iwng4VRUqzqYqa93SQ07974SfzscF6hs1QWslUWXqHZfStp95iY6SU/shCuEyX8
PerHjlmnyayq8EuJWb9Wvv7/4a7/BEfYduKC8fRbtRnbNpgwtIk3VEo2aLRHHfeh
cVIwUEgkMHFH0jzBghVrHnkteHAH3B37YWjIt3VHc6n8BWr516s8uleoclrM1q5S
15fkrnjCbRGqjRPOnCzPzKP0g0kRqotmr8VbJpTd4i2JBMm7sZk9ip2+F+iJRw8d
f4e2n2mfRW0X4uUVUXXyCX7fMZ3H0mR52FBhOD8+I+PwwHrbgRcgTjjXp0qzcl+Y
fSFjEfrMd1BAwIHNW7Uz
=KyjP
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.