Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Submission + - Can you still trust your network card? ( 1

chrisG23 writes: Today during the CanSecWest international conference in Vancouver, members Yves-Alexis Perez and Loic Duflot of ANSSI (French Network and Information Security Agency) described how an attacker could remotely take full control of a particular network card model. Once taken over, (and no interaction with the host operating system was required whatsover) the presenters demonstrated it was possible to enable the remote computer startup, shutdown, and restart commands disabled by default in the NIC firmware. Then the presenters demonstrated remote execution of code on the host computer, obtaining a root level account with a single additional packet.

This particular exploit only works on one particular model of network card, but the implications are staggering as it is almost inevitable that more network cards and other computer devices that have their own registers, memory, processor and firmware, and a means to communicate independently of the host computer, can and will be exploited, again totally independent of the operating system of the host computer. The researchers have contacted the NIC vendor and a patch has been released. The actual exploit code and tools will not be released. Details and an FAQ can be found on the ANSSI website at

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Can you still trust your network card?

Comments Filter:

"The following is not for the weak of heart or Fundamentalists." -- Dave Barry