Re: [Last-Call] [Cellar] Secdir last call review of draft-ietf-cellar-ffv1-16

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Liang Xia via Datatracker <noreply@xxxxxxxx> wrote:
    > But about my one question, I have not seen any response or actions: "Issues for
    > clarification: In Security Considerations, besides the DoS attacks brought by
    > the malicious payloads, is there any other kinds of attack possibly? For
    > example, virus or worm are hidden in the malicious payloads to attack the
    > system for more damages? Does it make sense and what's the consideration?"

Hi, thank you for the review comments.
Aside from possible buffer-overflow attacks that would attempt to smash the
stack of a process, none of the content carried in ffv1 is intended to be executable.

A virus or worm hidden in the payload would be rendered as if it was visual
data by normal software processing.

Clearly, a malicious system could use the ffv1 format in an attempt to disquise
itself, but that would take a co-consipirator to extract that content.

--
Michael Richardson <mcr+IETF@xxxxxxxxxxxx>, Sandelman Software Works
 -= IPv6 IoT consulting =-



Attachment: signature.asc
Description: PGP signature

-- 
last-call mailing list
last-call@xxxxxxxx
https://www.ietf.org/mailman/listinfo/last-call

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux