Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remote Malware Injection Via Flaw In Network Card

Posted by timothy on Saturday March 27, 2010 @09:50AM from the just-where-you-least-expect-it dept.

kfz-versicherung writes "During the CanSecWest international conference in Vancouver, members of ANSSI described how an attacker could be able to exploit a flaw to run arbitrary code inside some network controllers (full presentation; PDF). The attack uses routable packets delivered to the victim's NIC. Consequently, multiple attacks can be conducted including man-in-the-middle attacks on network connections, access to cryptographic keys on the host platform, or malware injection on the victim's computer host platform."

3 of 49 comments (clear)

Min score:

Reason:

Sort:

Re:ÖÖ×YÉZ-¥z3 by WrongSizeGlass · 2010-03-27 10:35 · Score: 2, Funny

Dude, I think you forgot to change your decoder ring from "I'm high" to "Slashdot". Please check the setting s and try posting again.
Re:For a little piece of mind by WrongSizeGlass · 2010-03-27 10:40 · Score: 3, Funny

3. Is there a proof of concept?

Yes. A proof of concept attack has been demoed during the CanSecWest conference. It showed how an attacker can remotely shutdown or wake up his victim’s machine, and fully compromise a COTS operating system machine (Linux for the demo, but all operating systems are vulnerable).
Hey, at least it's Linux compatible!
an hero by Anonymous Coward · 2010-03-27 11:15 · Score: 1, Funny

-1 an hero