Date: Tue, 21 Jun 2005 14:25:45 -0400 From: Richard Coleman <rcoleman@criticalmagic.com> To: Jacques Vidrine <nectar@FreeBSD.org> Cc: freebsd-security@freebsd.org Subject: Re: TCP timestamp vulnerability Message-ID: <42B85BA9.6060905@criticalmagic.com> In-Reply-To: <97D5BFC7-D07D-4DB5-A6C2-D4C71C679CA4@FreeBSD.org> References: <20050519105313.GC2724@unixpages.org> <97D5BFC7-D07D-4DB5-A6C2-D4C71C679CA4@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Jacques Vidrine wrote: > > On May 19, 2005, at 5:53 AM, Christian Brueffer wrote: > >> fixes for the vulnerability described in http://www.kb.cert.org/ >> vuls/id/637934 >> were checked in to CURRENT and RELENG_5 by ps in April. >> >> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c >> >> Revisions 1.270 and 1.252.2.16 >> >> He didn't commit it to RELENG_5_4 for some reason, so 5.4 shipped with >> it. >> >> My guess is that he didn't notify you guys either. >> >> I stumbled upon this through a Heise News article at >> http://www.heise.de/newsticker/meldung/59672. Sent them an update about >> the fixed branches, but they'd like to know why this wasn't communicated >> back to US-CERT yadda yadda yadda. > > Thanks, Christian. No, ps@ didn't point it out. It gets a little > confusing too, since I see that the work was submitted by multiple > folks, one of which reported another related vulnerability to us on May > 18 (7 days after that commit). Now to try to untangle what is what ... My boss asked me to check on whether this problem was fixed for FreeBSD 4.10. I didn't see any advisories related to this, and FreeBSD is still showing as vulnerable on the CERT web site. It doesn't look like a fix for this has been committed to any of the 4.X branches. Any word on this? Thanks for the help. Richard Coleman rcoleman@criticalmagic.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42B85BA9.6060905>