Re: Huge security hole in Kerio 2.1.5
From: Richard Jones (rj_at_rsjones.net)
Date: 05/24/05
- Next message: Imhotep: "Re: Huge security hole in Kerio 2.1.5"
- Previous message: Jim Carlock: "Re: AIM Send out random messages"
- Next in thread: Imhotep: "Re: Huge security hole in Kerio 2.1.5"
- Reply: Imhotep: "Re: Huge security hole in Kerio 2.1.5"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 23 May 2005 18:43:52 -0700
Laurent wrote:
>I've just been told that Kerio 2.1.5, which was considered to be the (or one of the) best choice, doesn't "see" (and doesn't intercept...) fragmented packets, and thus wouldn't be efficient toward an attack based on fragmented packets (see below)
<snip>
>Even in this case, "simple" ping doesn't work, but "fragmented" ping does...
What could happen if these 2 scenarios did take place?
Are there documented cases? Not tests, but real cases of damage to a
computer by these attacks?
Thanks,
-rich
- Next message: Imhotep: "Re: Huge security hole in Kerio 2.1.5"
- Previous message: Jim Carlock: "Re: AIM Send out random messages"
- Next in thread: Imhotep: "Re: Huge security hole in Kerio 2.1.5"
- Reply: Imhotep: "Re: Huge security hole in Kerio 2.1.5"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
