Interesting, but I would not scream from the hills about it. There are very specific conditions to meet for this sploit to work (if it is a real threat, as I have not heard anything from a reputable pen-tester.
Exploits are not to be taken lightly, but I doubt the veracity of the claim without further evidence from people like @stake, Symantec, </insert people who don't suck here>
OK, got a notice from Deepsight. Seems the threat is fairly limited. Either your DHCP servers have to be compromised or a rouge DHCP server on your local segment has to be present when you are broadcasting for a DHCP lease. Possible, but unlikely unless one's defenses are pretty lax for critical infrastructure.
Top
