Date: Thu, 22 Apr 2004 18:03:54 +0200 From: Andre Oppermann <andre@freebsd.org> To: current@freebsd.org, net@freebsd.org, security@freebsd.org Subject: [Fwd: NetBSD Security Advisory 2004-006: TCP protocol andimplementation vulnerability] Message-ID: <4087ECE9.E74B7EF3@freebsd.org>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------408A56302E1216CAA90B06A1 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit FYI --------------408A56302E1216CAA90B06A1 Content-Type: message/rfc822 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Mozilla-Status2: 00000000 Message-ID: <4087C5B4.D80833B1@freebsd.org> Date: Thu, 22 Apr 2004 15:16:36 +0200 From: Andre Oppermann <andre@freebsd.org> X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: bugtraq@securityfocus.com Subject: Re: NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability References: <20040421181435.GR8091@mail> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit The additional implementation flaw of BSD based TCP/IP stacks has been fixed in FreeBSD in revision 1.81 of tcp_input.c in 1998 for FreeBSD 2.2 and 3.0 and all releases since about six years ago. -- Andre NetBSD Security-Officer wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > NetBSD Security Advisory 2004-006 > ================================= > > Topic: TCP protocol and implementation vulnerability > > Severity: Serious (TCP disconnected by malicious party, unwanted data > injected into TCP stream) > > Abstract > ======== > > The longstanding TCP protocol specification has several weaknesses. > (RFC793): > > - - fabricated RST packets from a malicious third party can tear down a > TCP session > - - fabricated SYN packets from a malicious third party can tear down a > TCP session > - - a malicious third party can inject data to TCP session without much > difficulty > > NetBSD also had an additional implementation flaw, which made these > attacks easier. --------------408A56302E1216CAA90B06A1--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4087ECE9.E74B7EF3>