So any default services bind to raw sockets?<p>I can't think of any... Which in turn means that most systems probably aren't vulnerable. On windows I think you need admin rights to open a raw socket, which means that only admins can pwn the machine...
I know there's some limits to the surface of this... but it seems that could precisely be triggered by certain types of security software, ironically designed to protect such systems. Eww...
> To trigger the vulnerable code path, an application on the target must be bound to a raw socket.<p>What is a "raw socket" in this context?