On 06/05/2011 11:33 AM, Tom Eastep wrote: > On 6/5/11 11:03 AM, KP Kirchdoerfer wrote: >> Am Sonntag, 5. Juni 2011, um 18:32:28 schrieb Tom Eastep: >>> 2) Network developers have discovered an exploit that allows hosts to >>> poke holes in a firewall. The known ways to protect against the >>> exploit are: > > The details have not yet been made public.
Perhaps you can spare one detail. By "hosts", do you mean: local hosts, or, remote hosts? If local hosts, the impact is minor, it would basically be equivalent to UPnP (which is already running intentionally on many home networks). If remote hosts, then it's a huge hole! I'm *really* hoping it's not remote hosts. It's understandable that such an exploit would not be public yet. Is there a CVE number for it yet? Is the exploit fixed in the latest kernel? I'm wondering if upgrading to 3.0.0 would have the fix in it or not? (I'm guessing this isn't public either, because if vulnerable/invulnerable version numbers were announced, then somebody could just diff the kernel sources between them, and learn the exact details of the exploit.) Thanks! Josh ------------------------------------------------------------------------------ Simplify data backup and recovery for your virtual environment with vRanger. Installation's a snap, and flexible recovery options mean your data is safe, secure and there when you need it. Discover what all the cheering's about. Get your free trial download today. http://p.sf.net/sfu/quest-dev2dev2 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
