Remote Malware Injection Via Flaw In Network Card 49
kfz-versicherung writes "During the CanSecWest international conference in Vancouver, members of ANSSI described how an attacker could be able to exploit a flaw to run arbitrary code inside some network controllers (full presentation; PDF). The attack uses routable packets delivered to the victim's NIC. Consequently, multiple attacks can be conducted including man-in-the-middle attacks on network connections, access to cryptographic keys on the host platform, or malware injection on the victim's computer host platform."
Re:ÖÖ×YÉZ-¥z3 (Score:3, Funny)
Re:For a little piece of mind (Score:4, Funny)
3. Is there a proof of concept?
Yes. A proof of concept attack has been demoed during the CanSecWest conference. It showed how an attacker can remotely shutdown or wake up his victim’s machine, and fully compromise a COTS operating system machine (Linux for the demo, but all operating systems are vulnerable).
Hey, at least it's Linux compatible!
an hero (Score:1, Funny)