Wow, good eye. I can't remember UDP having an ACK packet type, being a stateless protocol and all, either. I actually looked back through this thread of emails and it is actually mentioned many times, the idea of the exploit involving certain SQN or ACK packets, although only by "xD 0x41" as far as I can see. I'm not sure about anyone else, but I at least, take "xD 0x41"s posts with a spoonful of salt since there is no corroborating information and the descriptions are vague, contradictory, incomprehensible or some combination thereof.
Anyway, I'm not an expert, that is just my personal observation. I'm just a comp sci student that joined this list a couple months ago to try to learn some more about real world computer security. (As opposed to just lab-environment, controlled, with expected results, computer security.) I'm interested in this alleged bug, and if there are any other descriptions of it that are more *clear* about the actual effect or impact, I'd appreciate a link. While I'm at it, since I've mentioned I'm a student and learning, any other helpful links to learn from are also appreciated. :) On Fri, Nov 11, 2011 at 3:31 PM, Ian Hayes <[email protected]> wrote: > On Fri, Nov 11, 2011 at 3:13 PM, xD 0x41 <[email protected]> wrote > > anyhow... it doesnty take, 49days, atall.. > > and, yes, indeed, will be one good packet, if the packet , has the > > right SQN + Ack number. > ^^^^^^^^^^^^^^^^^^^^^^^^^^ > > We are discussing UDP, as per the MS advisory, yes? > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
