TCP timestamp vulnerability
Richard Coleman
rcoleman at criticalmagic.com
Tue Jun 21 18:24:43 GMT 2005
Jacques Vidrine wrote:
>
> On May 19, 2005, at 5:53 AM, Christian Brueffer wrote:
>
>> fixes for the vulnerability described in http://www.kb.cert.org/vuls/id/637934
>> were checked in to CURRENT and RELENG_5 by ps in April.
>>
>> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c
>>
>> Revisions 1.270 and 1.252.2.16
>>
>> He didn't commit it to RELENG_5_4 for some reason, so 5.4 shipped with
>> it.
>>
>> My guess is that he didn't notify you guys either.
>>
>> I stumbled upon this through a Heise News article at
>> http://www.heise.de/newsticker/meldung/59672. Sent them an update about
>> the fixed branches, but they'd like to know why this wasn't communicated
>> back to US-CERT yadda yadda yadda.
>
> Thanks, Christian. No, ps@ didn't point it out. It gets a little
> confusing too, since I see that the work was submitted by multiple
> folks, one of which reported another related vulnerability to us on May
> 18 (7 days after that commit). Now to try to untangle what is what ...

My boss asked me to check on whether this problem was fixed for FreeBSD
4.10. I didn't see any advisories related to this, and FreeBSD is still
showing as vulnerable on the CERT web site. It doesn't look like a fix
for this has been committed to any of the 4.X branches. Any word on this?

Thanks for the help.

Richard Coleman
rcoleman at criticalmagic.com