Date: Fri, 29 Oct 2004 15:05:48 +0400 From: "Alexey V. Tolstenok <alex@antar.bryansk.ru>" <alex@antar.bryansk.ru> To: "FreeBSD gnats submit" <FreeBSD-gnats-submit@FreeBSD.org> Subject: kern/73276: ipfw2 vulnerability (parser error) Message-ID: <1099047948.0@zeus.antar.bryansk.ru> Resent-Message-ID: <200410291110.i9TBAF3v037327@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 73276
>Category: kern
>Synopsis: ipfw2 vulnerability (parser error)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Oct 29 11:10:15 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Alexey V. Tolstenok <alex@antar.bryansk.ru>
>Release: FreeBSD 5.3-RC1 i386
>Organization:
Sviaz-Service-Internet
>Environment:
System: FreeBSD 5.3-RC1 #0: Sat Oct 23 21:45:36 GMT 2004
alex@:/usr/obj/usr/src/sys/KERNEL
>Description:
ipfw parser accepts any number of escaped closing parenthesis despite of number of opening ones
>How-To-Repeat:
Just type such string in shell prompt:
ipfw add 100 allow ip from 192.168.0.0/24\{1,2\}\}\}\}\}\}\}\}\}\} to any
>Fix:
Unknown to me
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1099047948.0>