-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday 10 January 2003 18:02, Ofir Arkin wrote: > Who is vulnerable? > ------------------ > Josh Anderson and I tested several Ethernet cards and device drivers. > > We have found several device drivers which are vulnerable but we never > attempted to find them all. It is simply because there are too many. > Therefore we have contacted CERT more than 6 months ago and sent them > the Etherleak paper and asked them to contact OS manufactures, Network > device manufactures, Chipset manufactures, motherboard manufactures and > other manufactures and vendors who might need to check their device > driver's implementations. > > In our tests we have experienced this bug under 4 different operating > systems: > > - Linux > - NetBSD > - FreeBSD > - Microsoft Windows > I audited our system running under various operating systems. The following OS do _not_ pad the packets with zero but something else, if anybody is interested in the dumps of the frames produced while testing, feel free to contact me. Machine OS Version IBM iSeries OS/400 IBM RS/6000 AIX 4.3 Sun E450 Solaris 8 HP Printers JetDirect Various Identification of the vunerability was done by "ping -s1 <host>" and analysing the resulting answers using ethereal, looking if the ethernet trailer was different from all zero. Greetings Peter Turczak - -- WIWA Gmbh&Co KG Networking Dept. Gewerbestr. 1-3 D-35633 Lahnau GERMANY Voice: ++49-6441-609-12 FAX: ++49-6441-609-50 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+H1ZDEOIt4Nhv5cwRAuU8AJ0a0BpdY2rq90RKk0nlx5KiNPZrqQCaAmPY G7CtTaw8qKWLvLvRTlOM+28= =r8NM -----END PGP SIGNATURE-----
