Date: Thu, 3 Sep 1998 14:29:40 -0700 From: Don Lewis <Don.Lewis@tsc.tdk.com> To: Studded <Studded@dal.net>, freebsd-hackers@FreeBSD.ORG Subject: Re: Response to RST validation problem? Message-ID: <199809032129.OAA04951@salsa.gv.tsc.tdk.com> In-Reply-To: Studded <Studded@dal.net> "Response to RST validation problem?" (Sep 3, 12:04pm)
next in thread | previous in thread | raw e-mail | index | archive | help
On Sep 3, 12:04pm, Studded wrote: } Subject: Response to RST validation problem? } As I'm sure everyone is aware, there was a post on bugtraq Sunday } regarding a vulnerability in our TCP code which leaves the system open } to attack via RST packets. In the past the project has always responded } within a few days to such problems, either with a fix or a progress } report on a fix. I have not seen such a response, therefore I'm asking } what progress is being made on this problem. There have been some patches posted to security. One was a mega-patch from me that fixes this as well as a few other problems. } According to Darren Reed the appropriate fix is already available in } NetBSD's code, so that might be a good place to start looking. :) The NetBSD code looks vulnerable to me. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809032129.OAA04951>