Le jeu 17/10/2002 à 22:55, huang po a écrit : > Even if it were true, it would be very much more harder to write so > that it would affect *different* OS's: the differences in the TCP > stacks are not that large, but significant for at least this purpose. I completly agree this point. For now, only concrete thing I saw about this rumor was kind of social engineering stuff based on some "Bet you I can root your box through TCP stack ?" challenge aimed to have target admin trace the attack using a vulnerable tcpdump. I can be wrong, but it seems to me quite difficult to have a kernel exploit that works on both BSD and Linux, using the same vulnerability... -- Cédric Blancher <blancher@cartel-securite.fr> IT systems and networks security expert - Cartel Sécurité Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99 PGP KeyID:157E98EE FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE
