Comment by tomaskafka
4 years ago
> This set of vulnerabilities requires a potential attacker to be physically within range of the Wi-Fi network
I have troubles imagining an attack on wifi protocol where this doesn't apply :).
4 years ago
> This set of vulnerabilities requires a potential attacker to be physically within range of the Wi-Fi network
I have troubles imagining an attack on wifi protocol where this doesn't apply :).
Back in the day you could disconnect some modems by sending certain strings over any higher level protocol, e.g. ICMP or IRC.
Linksys WRT54G, Netgear 614/624 routers: sending `DCC SEND foo 0 0 0` would boot people off IRC
Norton Personal Firewall: `startkeylogger` would boot you off of IRC
These would typically be combined into `DCC SEND startkeylogger 0 0 0` to grief a whole channel of people
Reminds me of this back in the day: https://seclists.org/bugtraq/1998/Sep/192
Back in the day, you could:
- Hijack TCP sessions very easily with IP hijacking, especially telnet
- DoS someone with a smurf attack
- Ping of death windoze
- Inject content into unencrypted pages (goatse everyone's web page backgrounds)
- Get hacked by running inetd services
- chargen ... nuf said
- Apply a zillion patches to a Solaris box but break 10 other things
I think this vulnerability is one of the most embarrassing blunders caused by a software patent.