Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 14 Apr 2004 13:23:38 +0200
From:      "Devon H. O'Dell" <dodell@offmyserver.com>
To:        sd@buc.com.ua
Cc:        freebsd-ipfw@freebsd.org
Subject:   Re: IPFW ECE Firewall Bypassing Exploit
Message-ID:  <407D1F3A.6070607@offmyserver.com>
In-Reply-To: <407D1E4F.4000500@buc.com.ua>
References:  <200403171648.i2HGmWwS015144@freefall.freebsd.org> <407D1E4F.4000500@buc.com.ua>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
Dmitry Surovtsev wrote:

> securiteam news (http://www.securiteam.com/exploits/5CP0B0UCKU.html):
> 
> A vulnerability in FreeBSD's implementation of packet filtering for IPv4
> and IPv6 has been found. The vulnerability allows specially crafted
> packets that are not part of an established connection to go through the
> firewall. These special packets must have the ECE flag set, which is in
> the TCP reserved options field.
> 
>  [snip]

Hello Dmitry,

This bug was fixed circa three years ago. Please see the date on the 
exploit.

Kind regards,

Devon H. O'Dell



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?407D1F3A.6070607>