TCP vulnerability
Andre Oppermann
andre at freebsd.org
Sat Apr 24 08:22:42 PDT 2004
Chuck Swiger wrote:
>
> Alan Evans wrote:
> > I'm sure FreeBSD is vulnerable.
> >
> > http://www.us-cert.gov/cas/techalerts/TA04-111A.html
> >
> > There's a draft that (sort of) addresses this. Should
> > we adopt it?
>
> This issue is being discussed on freebsd-security now, and Mike Silbersack
> <silby at silby.com> has some patches available for review and testing.
There has been an additional problem in some BSD stacks with RST's
which has been fixed in FreeBSD about six years ago. The remaining
things which are addressed in that paper are hardening measures to
reduce the chances of a brute force blind attack. There *no* vulner-
ablility in the sense of "send packet x" and everything breaks.
--
Andre
More information about the freebsd-net
mailing list