Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 14 Apr 2004 13:23:38 +0200
From:      "Devon H. O'Dell" <>
Subject:   Re: IPFW ECE Firewall Bypassing Exploit
Message-ID:  <>
In-Reply-To: <>
References:  <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Dmitry Surovtsev wrote:

> securiteam news (
> A vulnerability in FreeBSD's implementation of packet filtering for IPv4
> and IPv6 has been found. The vulnerability allows specially crafted
> packets that are not part of an established connection to go through the
> firewall. These special packets must have the ECE flag set, which is in
> the TCP reserved options field.
>  [snip]

Hello Dmitry,

This bug was fixed circa three years ago. Please see the date on the 

Kind regards,

Devon H. O'Dell

Want to link to this message? Use this URL: <>