Date: Sun, 29 Feb 2004 19:38:11 -0500 From: Mike Tancsa <mike@sentex.net> To: freebsd-security@freebsd.org Subject: mbuf vulnerability Message-ID: <6.0.3.0.0.20040229182702.07a67a68@209.112.4.2>
next in thread | raw e-mail | index | archive | help
In http://docs.freebsd.org/cgi/mid.cgi?200402260743.IAA18903 it seems RELENG_4 is vulnerable. Is there any work around to a system that has to have ports open ? Version: 1 2/18/2004@03:47:29 GMT >Initial report > <<https://ialert.idefense.com/KODetails.jhtml?irId=207650>https://ialert.idefense.com/KODetails.jhtml?irId=207650; >ID#207650: >FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability >(iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS) >vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers >to launch a DoS attack. > >By sending many out-of-sequence packets, a low bandwidth denial of >service attack is possible against FreeBSD. When the targeted system >runs out of memory buffers (mbufs), it is no longer able to accept or >create new connections. -------------------------------------------------------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet since 1994 www.sentex.net Cambridge, Ontario Canada www.sentex.net/mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.3.0.0.20040229182702.07a67a68>