
Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0

To: niv@xxxxxxxxxx, dlstevens@xxxxxxxxxx
Subject: Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0 on a Li
From: "J. M." <snortwiz@xxxxxxxxxxx>
Date: Thu, 13 May 2004 12:20:34 -0500
Cc: netdev@xxxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
That's exactly what's happening - a service bound to an interface is receiving traffic via a different interface. That could pose security risks on a dual-homed machine (such as the device I pen-tested and discovered this flaw upon).

-Jared


From: Nivedita Singhvi <niv@xxxxxxxxxx>
To: David Stevens <dlstevens@xxxxxxxxxx>
CC: netdev@xxxxxxxxxxx, snortwiz@xxxxxxxxxxx
Subject: Re: OSDL Bugzilla #2399: A user can remotely route a packet through eth0 on a Linux machine
Date: Tue, 11 May 2004 12:15:18 -0700


David Stevens wrote:
Routing is something done between different hosts. Hosts normally
will accept packets for any local address, regardless of
which interface it was received on.

That's not a bug; that's how almost everything works.

I think the only issue here is if an application that binds to an interface should see packets coming in from another - if that is what is happening here?

thanks,
Nivedita
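
The acceptance behaviour discussed in this thread, as an added example that is not part of the original messages and is not kernel code: a simplified C model of the input decision on a dual-homed host. The interface indexes, the documentation-range addresses, and the function names are constructed; `bound_if` stands in for a socket restricted with `SO_BINDTODEVICE`, and the weak/strong host terms are the usual names for the two acceptance policies.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified model for illustration; all names and addresses are constructed. */
struct iface_addr { int ifindex; uint32_t addr; };

/* Constructed dual-homed host: eth0 = ifindex 1, eth1 = ifindex 2. */
static const struct iface_addr host_addrs[] = {
    { 1, 0xC0000201u },   /* eth0: 192.0.2.1    */
    { 2, 0xC6336401u },   /* eth1: 198.51.100.1 */
};
#define N_ADDRS (sizeof host_addrs / sizeof host_addrs[0])

enum host_model { WEAK_HOST, STRONG_HOST };

/* Is a packet for dst, arriving on in_if, accepted as local traffic?
 * Weak host: any local address matches, whatever the arrival interface.
 * Strong host: the address must belong to the arrival interface. */
int host_accepts(enum host_model m, int in_if, uint32_t dst)
{
    for (size_t i = 0; i < N_ADDRS; i++) {
        if (host_addrs[i].addr != dst)
            continue;
        if (m == WEAK_HOST || host_addrs[i].ifindex == in_if)
            return 1;
    }
    return 0;
}

struct listener {
    uint32_t bound_addr;  /* 0 = wildcard address */
    int bound_if;         /* 0 = no device binding (models SO_BINDTODEVICE) */
};

/* Socket-level match applied after the host has accepted the packet. */
int socket_receives(enum host_model m, const struct listener *l,
                    int in_if, uint32_t dst)
{
    if (!host_accepts(m, in_if, dst))
        return 0;
    if (l->bound_addr && l->bound_addr != dst)
        return 0;   /* address binding filters on destination only */
    if (l->bound_if && l->bound_if != in_if)
        return 0;   /* device binding filters on arrival interface */
    return 1;
}

/* The reported case: service bound to eth1's address, packet arrives on eth0. */
int cross_interface_delivery(enum host_model m, int bind_to_device)
{
    struct listener l = { 0xC6336401u, bind_to_device ? 2 : 0 };
    return socket_receives(m, &l, 1, 0xC6336401u);
}
```

In this model, binding by address alone still delivers the eth0-arriving packet under the weak host policy; only the device binding or a strong host policy rejects it.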



