"An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system" https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8493 …
-
-
Yeah KASLR is so useless against remote attackers that it all it takes is a once in a decade protocol flaw to break it ;-)
-
Sorry, but I can't take anyone who tweeted this about KASLR seriously: https://twitter.com/aionescu/status/312725171804991489 … (even with your caveat that you were referring to OS X only, careful readers of our KASLR blog post have many bypass methods at their disposal, they just didn't tell you about them ;) )
-
BTW, how many remote kernel protocol flaws allowing arbitrary code execution have there been lately for Windows? If KASLR is your saving grace for these one-in-a-decade remotes (where there's no other avenue of executing within a service), what you're saying isn't very impressive
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.