Slashdot Mirror

← Back to Stories (view on slashdot.org)

Remote Malware Injection Via Flaw In Network Card

Posted by timothy on from the just-where-you-least-expect-it dept.

kfz-versicherung writes "During the CanSecWest international conference in Vancouver, members of ANSSI described how an attacker could be able to exploit a flaw to run arbitrary code inside some network controllers (full presentation; PDF). The attack uses routable packets delivered to the victim's NIC. Consequently, multiple attacks can be conducted including man-in-the-middle attacks on network connections, access to cryptographic keys on the host platform, or malware injection on the victim's computer host platform."

1 of 49 comments (clear)

  1. Re:For a little piece of mind by MichaelSmith · · Score: 3, Interesting

    Okay but will the UDP packets which cause the problem be well formed enough to be routed into your network from outside? In most cases if you have access to the local network all systems are vulnerable anyway.

    --
    http://michaelsmith.id.au