Originally Published: Friday, 22 October 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

Local user can send forged packets

Forged packets can be send out from a Linux system, for example for NFS attacks or any other protocol relying on addresses for authentification, even when protected from the outside interfaces by firewalling rules. Most of the time, existing firewalling rules are bypassed. This requires at least a shell account on the system.