Date: Wed, 30 Nov 2022 18:58:09 -0300 From: Dev Null <devnull@apt322.org> To: mike tancsa <mike@sentex.net>, freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-22:15.ping Message-ID: <e9a7b2ca-a4a4-5b99-f915-0db46b60d1e8@apt322.org> In-Reply-To: <3dc86282-165d-8562-5cba-0da9896557b9@sentex.net> References: <20221130004601.043CE1C623@freefall.freebsd.org> <3dc86282-165d-8562-5cba-0da9896557b9@sentex.net>
index | next in thread | previous in thread | raw e-mail
Easily to exploit in a test environment, but difficult to be exploited in the wild, since the flaw only can be exploited in the ICMP reply, so the vulnerable machine NEEDS to make an ICMP request first. The attacker in this case, send a short reader in ICMP reply. -- Rafael Grether On 30/11/22 10:01, mike tancsa wrote: > > How likely is this bug exploited ? I am guessing Man-in-the-middle > makes this a little more of an issue potentially > > ---Mike >home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e9a7b2ca-a4a4-5b99-f915-0db46b60d1e8>