From owner-freebsd-pf@FreeBSD.ORG  Thu Sep 16 03:47:55 2004
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 674)
	id E1AEF16A4D0; Thu, 16 Sep 2004 03:47:55 +0000 (GMT)
Delivered-To: mlaier@vampire.homelinux.org
Received: (qmail 22625 invoked by uid 1005); 29 Aug 2003 02:53:18 -0000
Delivered-To: max@vampire.homelinux.org
Received: (qmail 22622 invoked from network); 29 Aug 2003 02:53:17 -0000
Received: from moutng.kundenserver.de (212.227.126.187)
  by pd9e39106.dip.t-dialin.net with SMTP; 29 Aug 2003 02:53:17 -0000
Received: from [212.227.126.148] (helo=mxng05.kundenserver.de)
	by moutng.kundenserver.de with esmtp (Exim 3.35 #1)
	id 19saH6-00087N-00
	for max@vampire.homelinux.org; Fri, 29 Aug 2003 05:50:12 +0200
Received: from [206.53.239.180] (helo=turing.freelists.org)
	by mxng05.kundenserver.de with esmtp (Exim 3.35 #1)
	id 19saH4-0005K0-00
	for max@love2party.net; Fri, 29 Aug 2003 05:50:10 +0200
Received: from turing (localhost [127.0.0.1])ESMTP
	id D8CAE3909CB; Thu, 28 Aug 2003 22:50:47 -0500 (EST)
Received: with ECARTIS (v1.0.0; list pf4freebsd);
	Thu, 28 Aug 2003 22:50:43 -0500 (EST)
Delivered-To: pf4freebsd@freelists.org
Received: from ns.kt-is.co.kr (unknown [211.218.149.125])
	ESMTP id 493E6390975
	for <pf4freebsd@freelists.org>; Thu, 28 Aug 2003 22:50:42 -0500 (EST)
Received: from michelle.kt-is.co.kr (ns2.kt-is.co.kr [220.76.118.193])
	(authenticated bits=128)
	by ns.kt-is.co.kr (8.12.9/8.12.5) with ESMTP id h7T3ncqb001222
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL)
	for <pf4freebsd@freelists.org>; Fri, 29 Aug 2003 12:49:38 +0900 (KST)
Received: from michelle.kt-is.co.kr (localhost.kt-is.co.kr [127.0.0.1])
	by michelle.kt-is.co.kr (8.12.9/8.12.9) with ESMTP id h7T3nUM3012746
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <pf4freebsd@freelists.org>; Fri, 29 Aug 2003 12:49:35 +0900 (KST)
	(envelope-from yongari@kt-is.co.kr)
Received: (from yongari@localhost)
	by michelle.kt-is.co.kr (8.12.9/8.12.9/Submit) id h7T3nU6A012745
	for pf4freebsd@freelists.org; Fri, 29 Aug 2003 12:49:30 +0900 (KST)
	(envelope-from yongari@kt-is.co.kr)
From: Pyun YongHyeon <yongari@kt-is.co.kr>
To: pf4freebsd@freelists.org
Message-ID: <20030829034929.GC11397@kt-is.co.kr>
References: <006101c36dde$01cb64e0$01000001@max900>
Mime-Version: 1.0
Content-type: text/plain;
  charset=us-ascii
Content-Disposition: inline
In-Reply-To: <006101c36dde$01cb64e0$01000001@max900>
User-Agent: Mutt/1.4.1i
X-Filter-Version: 1.11a (ns.kt-is.co.kr)
Content-Transfer-Encoding: 8bit
X-archive-position: 117
X-ecartis-version: Ecartis v1.0.0
Sender: pf4freebsd-bounce@freelists.org
Errors-To: pf4freebsd-bounce@freelists.org
X-original-sender: yongari@kt-is.co.kr
Precedence: normal
X-list: pf4freebsd
X-UID: 230
X-Length: 4067
X-Mailman-Approved-At: Thu, 16 Sep 2004 03:55:51 +0000
Subject: [pf4freebsd] Re: Possible remote DoS (panic) with scrub rules!!!
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.1
Reply-To: pf4freebsd@freelists.org
List-Id: Technical discussion and general questions about packet filter (pf)
	<freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
Date: Thu, 16 Sep 2004 03:47:56 -0000
X-Original-Date: Fri, 29 Aug 2003 12:49:29 +0900
X-List-Received-Date: Thu, 16 Sep 2004 03:47:56 -0000

On Fri, Aug 29, 2003 at 05:31:16AM +0200, Max Laier wrote:
 > Hello,
 > 
 > just got a HUB from Daniel regarding a possible remote DoS in pf_norm.c This
 > might not be a problem if you do not use "scrub"-Rules.
 > 
 > This regards all versions of pf4freebsd prior 1.63 (which was just released)
 > and port prior 1.0_7 (just commited by "edwin").
 > 
 > Version 1.63 (for tarball users) can be found at:
 > http://pf4freebsd.love2party.net/pf_freebsd_1.63.tar.gz
 > MD5 (pf_freebsd_1.63.tar.gz) = d36bef7f8023c891572148c0d3930410
 > the patch for the port is commited.
 > 
If you don't have pf.os in /etc directory, please copy pf.os
to that directory manually.
pf.os can be found at:
http://www.openbsd.org/cgi-bin/cvsweb/src/etc/pf.os
You may not do anything with pfctl without /etc/pf.os.

 > Please update as soon as possible.
 > Additional information can be found at:
 > http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c (v1.75)
 > 
 > Regards,
 >     Max
 > 

Regards,
Pyun YongHyeon
-- 
Pyun YongHyeon <http://www.kr.freebsd.org/~yongari>