From owner-freebsd-ipfw@FreeBSD.ORG  Wed Apr 14 02:35:00 2004
Return-Path: <owner-freebsd-ipfw@FreeBSD.ORG>
Delivered-To: freebsd-ipfw@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 151F216A4CE
	for <freebsd-ipfw@freebsd.org>; Wed, 14 Apr 2004 02:35:00 -0700 (PDT)
Received: from tx2.oucs.ox.ac.uk (tx2.oucs.ox.ac.uk [163.1.2.163])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 8F45543D5A
	for <freebsd-ipfw@freebsd.org>; Wed, 14 Apr 2004 02:34:59 -0700 (PDT)
	(envelope-from colin.percival@wadham.ox.ac.uk)
Received: from scan2.oucs.ox.ac.uk ([163.1.2.162] helo=localhost)
	by tx2.oucs.ox.ac.uk with esmtp (Exim 4.24)
	id 1BDgnK-0005k5-LS
	for freebsd-ipfw@freebsd.org; Wed, 14 Apr 2004 10:34:58 +0100
Received: from rx2.oucs.ox.ac.uk ([163.1.2.161])
 by localhost (scan2.oucs.ox.ac.uk [163.1.2.162]) (amavisd-new, port 25)
 with ESMTP id 21759-08 for <freebsd-ipfw@freebsd.org>;
 Wed, 14 Apr 2004 10:34:58 +0100 (BST)
Received: from gateway.wadham.ox.ac.uk ([163.1.161.253])
	by rx2.oucs.ox.ac.uk with smtp (Exim 4.24)
	id 1BDgnK-0005jy-83
	for freebsd-ipfw@freebsd.org; Wed, 14 Apr 2004 10:34:58 +0100
Received: (qmail 5515 invoked by uid 1004); 14 Apr 2004 09:34:58 -0000
Received: from colin.percival@wadham.ox.ac.uk by gateway by uid 71 with
	qmail-scanner-1.20 
	(clamscan: 0.67. sweep: 2.18/3.79.  Clear:RC:1(163.1.161.131):. 
	Processed in 0.135248 secs); 14 Apr 2004 09:34:58 -0000
Received: from dhcp1131.wadham.ox.ac.uk (HELO piii600.wadham.ox.ac.uk)
	(163.1.161.131)
	by gateway.wadham.ox.ac.uk with SMTP; 14 Apr 2004 09:34:58 -0000
Message-Id: <6.0.1.1.1.20040414102727.03ad0008@imap.sfu.ca>
X-Sender: cperciva@imap.sfu.ca (Unverified)
X-Mailer: QUALCOMM Windows Eudora Version 6.0.1.1
Date: Wed, 14 Apr 2004 10:34:55 +0100
To: freebsd-security@freebsd.org
From: Colin Percival <colin.percival@wadham.ox.ac.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
cc: freebsd-ipfw@freebsd.org
Subject: FYI re: "FreeBSD ECE flag ipfw protection bypass"
X-BeenThere: freebsd-ipfw@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: IPFW Technical Discussions <freebsd-ipfw.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ipfw>
List-Post: <mailto:freebsd-ipfw@freebsd.org>
List-Help: <mailto:freebsd-ipfw-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw>,
	<mailto:freebsd-ipfw-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Apr 2004 09:35:00 -0000

  Several people have noticed that SecuriTeam.com is reporting a
"FreeBSD ECE flag ipfw protection bypass" exploit.  In an effort
to save time, let me say this publicly: SecuriTeam.com is three
years out of date.
  This problem was fixed in FreeBSD 3.5-STABLE and 4.2-STABLE in
January 2001, and reported in Security Advisory FreeBSD-SA-01:08.

Colin Percival