Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remote Malware Injection Via Flaw In Network Card

Posted by timothy on from the just-where-you-least-expect-it dept.

kfz-versicherung writes "During the CanSecWest international conference in Vancouver, members of ANSSI described how an attacker could be able to exploit a flaw to run arbitrary code inside some network controllers (full presentation; PDF). The attack uses routable packets delivered to the victim's NIC. Consequently, multiple attacks can be conducted including man-in-the-middle attacks on network connections, access to cryptographic keys on the host platform, or malware injection on the victim's computer host platform."

5 of 49 comments (clear)

  1. Re:For a little piece of mind by MichaelSmith · · Score: 3, Interesting

    Okay but will the UDP packets which cause the problem be well formed enough to be routed into your network from outside? In most cases if you have access to the local network all systems are vulnerable anyway.

    --
    http://michaelsmith.id.au
  2. Limited to Broadcom only? by MrCrassic · · Score: 2, Interesting

    It seems that the presentation focuses heavily on the NetXtreme framework, which is specific to Broadcom. Doesn't Intel, the other major NIC vendor/manufacturer, use their own proprietary security and administrative protocols on their devices?

    I wonder how secure Realtek's stuff is; their drivers/software leave me to think that their hardware code is ripe for discovery...

  3. Mo bugs mo problems by OopsIDied · · Score: 2, Interesting

    The important part about this is not that the attack is very specific (only Broadcom running ASF) but that attacks through a NIC are possible at all. This could be the beginning of more serious and widespread attacks as network components become exploitable through their increasing technology. There's a relationship between amount of code a device runs and the amount of bugs present in that code, and bugs can often be exploited for bad purposes.

  4. This may be more general than a specific card by grandpa-geek · · Score: 2, Interesting

    I recently heard that the simulated network card in virtualization systems can be a point of attack. So, this may be a more general issue than a specific card.

  5. Re:+++ATH0 by mmontour · · Score: 2, Interesting

    The only REAL fix is to disable the sequence in the modem.

    Or to buy a modem from a manufacturer that implemented it properly. The escape sequence is not just "+++" - there has to be an interval before and after those characters in which no other bytes are sent to the modem. This can only happen if you're typing directly from a terminal, since there are always extra headers present if you're sending TCP/IP traffic.

    If your modem was vulnerable to this then the manufacturer was either incompetent or intentionally screwing it up to avoid paying patent royalties.