Date: Sun, 29 Feb 2004 19:03:41 -0600 (CST)
From: Mike Silbersack
To: Mike Tancsa
cc: freebsd-security@freebsd.org
Subject: Re: mbuf vulnerability
Message-ID: <20040229190101.V13340@odysseus.silby.com>
In-Reply-To: <6.0.3.0.0.20040229182702.07a67a68@209.112.4.2>

On Sun, 29 Feb 2004, Mike Tancsa wrote:

> In
> http://docs.freebsd.org/cgi/mid.cgi?200402260743.IAA18903
>
> it seems RELENG_4 is vulnerable. Is there any work around to a system that
> has to have ports open ?

There is no way to fix this issue without kernel modifications. A fix has
been committed to -current, someone on the security team can probably
provide information on when the MFC will be appearing.

On the plus side, you have to establish a TCP connection to make the DoS
happen, so people abusing it can be easily traced.

Mike "Silby" Silbersack