[RndTbl] Intel ethernet - h/w remote DoS exploit!
Trevor Cordes
trevor at tecnopolis.ca
Fri Feb 8 13:49:08 CST 2013
On 2013-02-06 Adam Thompson wrote:
> This guy explains it better than I can, but the meat of it is that a
> large number of Intel Ethernet controllers in the field are
> susceptible to a firmware bug that can shut down the Ethernet port
> remotely.
Kind of scary. I have countless Intel NICs out in the field. Many are
ineternet-facing. Not sure if any are the 82574L, I'll need to check.
Now the question is, is this remotely exploitable via the internet?
The secondary page:
http://www.kriskinc.com/intel-pod
Says "you'll need to be on the same ethernet segment. No routers or
VLAN" in between. So does that mean that this can't be triggered by
someone in China across to our Shaw/MTS modem connections?
Bugs like this are goofy, and I'd hope that if it is remotely
exploitable that Intel makes a fix widely (and easily) available (and
known).
Anyone tested it yet? I would offer some boxes as test recipients if
someone has.
More information about the Roundtable
mailing list