Liang Xia via Datatracker <noreply@xxxxxxxx> wrote:
> But about my one question, I have not seen any response or actions: "Issues for
> clarification: In Security Considerations, besides the DoS attacks brought by
> the malicious payloads, is there any other kinds of attack possibly? For
> example, virus or worm are hidden in the malicious payloads to attack the
> system for more damages? Does it make sense and what's the consideration?"
Hi, thank you for the review comments.
Aside from possible buffer-overflow attacks that would attempt to smash the
stack of a process, none of the content carried in ffv1 is intended to be executable.
A virus or worm hidden in the payload would be rendered as if it was visual
data by normal software processing.
Clearly, a malicious system could use the ffv1 format in an attempt to disquise
itself, but that would take a co-consipirator to extract that content.
--
Michael Richardson <mcr+IETF@xxxxxxxxxxxx>, Sandelman Software Works
-= IPv6 IoT consulting =-
Attachment:
signature.asc
Description: PGP signature
-- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
