Welcome to the TechSpot OpenBoards. Please read the FAQ if you have any questions. Sign up or Login to participate.
|
|||||||
Begin your free trial now
Pay-as-you-go options starting at $10/user/month
Pay-as-you-go options starting at $10/user/month
Critical Security Flaw in Many Ethernet Device Drivers
|
|
Thread Tools | Search this Thread |
|
#1
01-06-2003
|
||||
|
||||
|
Critical Security Flaw in Many Ethernet Device Drivers
If one follows the Ethernet Standard correctly, each packet transmitted on an Ethernet network should be a minimum of 46 bytes. Some higher level protocols, however, often require that smaller packets be sent. In this instance, devices are supposed to fill the remaining area with null data (i.e. randomly generated gibberish). However, there seems to be evidence that many Ethernet device drivers do not pad the packets with true null data, and in fact pad it with real data from previous packets!!! Aaaaaaaaaaaaaaaaaaaaah! BAD NEWS!
The investigations were conducted by researchers at @stake Inc., in Cambridge, Mass., and the CERT Coordination Center has posted on its Web site a list of vendors whose products may be affected by this vulnerability. That is available here. Full story here. |
|
 |
| Similar Topics | ||||
| Topic | Replies | Forum | ||
 Microsoft warns world of critical security flaw
|
13 | TechSpot News and Comments | ||
|
WinZip has security flaw fix
|
0 | General Discussion | ||
|
Microsoft XP Security Flaw
|
0 | General Discussion | ||
|
Microsoft reveals DirectX 'critical' flaw
|
5 | General Discussion | ||
|
Microsoft Ups IE Flaw to 'Critical'
|
0 | General Discussion | ||
| Thread Tools | Search this Thread |
|
|
All times are GMT -4. The time now is 06:18 AM.