UDP DoS that affects all platforms? - Page 2
Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: UDP DoS that affects all platforms?

  1. #11
    Senior Member
    Join Date
    Sep 2001
    Heh, I gotta admit I'm kinda split on this one...
    I mean, while the possibility of such a vulnerability cannot be totaly excluded (since not only is alot of code shared but so are design patterns); then again, extraordinary claims require extraordinary proof... which we haven't seen... yet(!/?)

    Credit travels up, blame travels down -- The Boss

  2. #12
    Senior Member
    Join Date
    Sep 2001
    I've been trying to find out what ever little I could find about this, and assuming that it's a recieve livelock problem (based on the links Negative pointed out), and hypothetising that it's a real issue, shouldn't using FreeBSD or OpenBSD complied with the option DEVICE_POLLING protect from such an issue? Granted device polling is not optimal in normal use but it could provide a quick workaround (*if* it were to be true, of course)...

    Credit travels up, blame travels down -- The Boss

  3. #13
    Yes, that's my CC number! 576869746568617's Avatar
    Join Date
    Dec 2003
    I just don't see it. No two vendors use the same exact implementation of the TCP/IP protocol stack. For that matter, many vendors don't even follow the OSI ref. model exactly, but integrate several layers of it into a single module, and no two are the same.

    I think the flaw lies elseware.........but I could be wrong.

    Hope I'm not

  4. #14
    Senior Member
    Join Date
    Nov 2001
    Thursday January 22, 2004. 02:45 pm cst

    CERT has contacted us again...

    They are going to send the tool (binary only) along with some
    notes that we are just_now editing to vendors. (making list also)
    NOT as a vulnerability...
    but for further testing on the secondary effects,
    and any possible hardware combination problems.
    (those problems may simply be going offline or h/w errata)

    I am also including clearer_instructions and examples on it's use
    as some folks had trouble reproducing effects but didn't tell us...
    Hopefully we get our tiny caution/use manual correct this time. ;-)

    This may take a day or two...
    so for those concerned..
    it's enroute shortly.

    YAHOO! heh, good enough for now.


    ive been following this soap since yesterday and im kinda releived for this guy
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts