Saw this one come through today. I checked the link down at the bottom of the page. I thought it quite interesting that Cisco and Microsoft are noted as "not vulnerable" while just about every *nix out there is listed as "unknown". One sad note - my firewall of choice is shown as "unknown" also.
I am presuming that testing is still going on with all these other products. "unknown" may not necessarily mean "vulnerable".

-------

CERT WARNS OF POTENTIALLY WIDESPREAD VULNERABILITY
By SWD Staff

The Computer Emergency Response Team (CERT) Monday warned of a vulnerability affecting Ethernet device driver software running on multiple platforms that could allow a remote attacker to harvest potentially sensitive information from network traffic.

A research paper by information security firm @stake says, "Multiple platform Ethernet Network Interface Card (NIC) device drivers incorrectly handle frame padding, allowing an attacker to view slices of previously transmitted packets or portions of kernel memory. This vulnerability is the result of incorrect implementations of RFC requirements and poor programming practices, the combination of which results in several variations of this information leakage vulnerability."

It "is trivial to exploit and has potentially devastating consequences. Several different variants of this implementation flaw result in this vulnerability," @stake continues. "The number of affected systems is staggering, and the number of vulnerable systems used as critical network infrastructure is terrifying."

CERT recommends applying patches as soon as they are available and using encryption to protect network traffic, though it won't protect sensitive information leaked from non-network sources, such as kernel memory.

For an updated list of affected vendors, please consult the CERT vulnerability note.

http://www.kb.cert.org/vuls/id/412115
http:[EMAIL PROTECTED]/research/advisories/2003/index.html#010603-1
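
The frame-padding flaw the quoted article describes, shown beside the corrected padding and a check for non-zero pad bytes. This is an added C example, not code from the post, the @stake paper or any vendor's driver. The buffer, function names and sample frames are hypothetical, and a single reused transmit buffer is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define ETH_ZLEN 60                 /* minimum frame length, FCS excluded */
static uint8_t tx_buf[1514];        /* hypothetical reused transmit buffer */

/* Flawed pattern: minimum length reported, pad bytes left as they were. */
size_t tx_prepare_leaky(const uint8_t *frame, size_t len)
{
    memcpy(tx_buf, frame, len);
    return len < ETH_ZLEN ? ETH_ZLEN : len;
}

/* Corrected pattern: zero-fill the padding before transmitting. */
size_t tx_prepare_padded(const uint8_t *frame, size_t len)
{
    memcpy(tx_buf, frame, len);
    if (len < ETH_ZLEN) {
        memset(tx_buf + len, 0, ETH_ZLEN - len);
        len = ETH_ZLEN;
    }
    return len;
}

/* Check on a frame whose real length is known: count non-zero pad bytes. */
size_t nonzero_pad_bytes(const uint8_t *wire, size_t wire_len, size_t real_len)
{
    size_t n = 0;
    for (size_t i = real_len; i < wire_len; i++)
        n += (wire[i] != 0);
    return n;
}

/* Constructed traffic: a 100-byte frame, then a 42-byte frame. */
size_t demo(int use_fix)
{
    uint8_t big[100], small[42];
    memset(big, 0xAA, sizeof big);      /* stands in for earlier traffic */
    memset(small, 0x11, sizeof small);
    tx_prepare_leaky(big, sizeof big);
    size_t wire_len = use_fix ? tx_prepare_padded(small, sizeof small)
                              : tx_prepare_leaky(small, sizeof small);
    return nonzero_pad_bytes(tx_buf, wire_len, sizeof small);
}

int main(void)
{
    return printf("leaky: %zu, padded: %zu\n", demo(0), demo(1)) < 0;
}
```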