Re: 3Com's TippingPoint Denial of Service
--=-TfvSRrdrl4z3onhqpTdz
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
<snip>
> Details:
> =3D=3D=3D=3D=3D=3D=3D=3D
>=20
> When quickly flooded with packets destined for port 80, and an incrementi=
ng
> source port this causes the software to consume a huge amount of CPU time=
,
> due to a badly written loop, causing the device to stop responding.
Any more details? Have you notified the vendor? As one who has released
lame advisories in the past, I had the decency to label them as lame.
Unless you provide some details or some collaboration with TippingPoint,
I will call shenanigans.
Here is my latest lame advisory:
A series of evil packets will cause me to have remote root access to
Windows, Linux, and MacOS/X. Due to the nature of the vulnerability, I
will not be releasing any details. In fact, it is so secret even *I*
don't know the details, but I am *positive* that when I see someone else
post my work, I should get full credit, right?
Right?
-SN
--=-TfvSRrdrl4z3onhqpTdz
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQBGLoQzJHqkvWg48R0RAsYgAJ9Rua8Vw8qFft3NPIDczCiiM3g4dwCfS4p2
UZzcddfEkAPRcOo0wxy0NRA=
=XS00
-----END PGP SIGNATURE-----
--=-TfvSRrdrl4z3onhqpTdz--
討論串 (同標題文章)
完整討論串 (本文為第 2 之 4 篇):