Matt Mossholder on 26 Sep 2014 10:20:10 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] 'Shellshock' Bug Spells Trouble for Web Security

On Fri, Sep 26, 2014 at 1:00 PM, Keith C. Perry <> wrote:

What are you envisioning as the attack vector from the client point of view?  Is the concern that an infected DHCP server could craft a IP OFFER or ACK packet back to your client with an exploit?

~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Keith C. Perry, MS E.E.
Owner, DAO Technologies LLC
(O) +1.215.525.4165 x2033
(M) +1.215.432.5167

     That is exactly what can happen. Come DHCP clients hand off information from the DHCP server to scripts for processing. In these cases, you could get whacked by a bad DHCP server.

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --