[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

0day Windows Network Interception Configuration Vulnerability

Subject: 0day Windows Network Interception Configuration Vulnerability
From: nick at foobar.org (Nick Hilliard)
Date: Mon, 04 Apr 2011 18:53:42 +0100
In-reply-to: <[email protected]>
References: <[email protected]>

On 04/04/2011 16:46, andrew.wallace wrote:
> Someone has recently post to a mailing list:
> http://lists.grok.org.uk/pipermail/full-disclosure/2011-April/080096.html

There's a serious vulnerability in the default ipv4 configuration too: 
Windows will accept a reply from any DHCP server which replies.

The fix right now is for Microsoft to disable IPv4 by default.

I think I'm the first person in the world to notice this, so can you 
cross-post this to full-disclosure as a critical 0day?  kthx,

Nick

References:
- 0day Windows Network Interception Configuration Vulnerability
  - From: andrew.wallace at rocketmail.com (andrew.wallace)

Prev by Date: 0day Windows Network Interception Configuration Vulnerability
Next by Date: HIJACKED: 159.223.0.0/16 -- WTF? Does anybody care?
Previous by thread: 0day Windows Network Interception Configuration Vulnerability
Next by thread: 0day Windows Network Interception Configuration Vulnerability
Index(es):
- Date
- Thread