From owner-freebsd-security@FreeBSD.ORG Thu May 7 13:49:16 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id B5128752; Thu, 7 May 2015 13:49:16 +0000 (UTC) Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [IPv6:2607:f3e0:0:1::12]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client CN "smarthost.sentex.ca", Issuer "smarthost.sentex.ca" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 7F46617E6; Thu, 7 May 2015 13:49:16 +0000 (UTC) Received: from [IPv6:2607:f3e0:0:4:f025:8813:7603:7e4a] (saphire3.sentex.ca [IPv6:2607:f3e0:0:4:f025:8813:7603:7e4a]) by smarthost1.sentex.ca (8.14.9/8.14.9) with ESMTP id t47DnDWn039029; Thu, 7 May 2015 09:49:14 -0400 (EDT) (envelope-from mike@sentex.net) Message-ID: <554B6D4C.50903@sentex.net> Date: Thu, 07 May 2015 09:49:00 -0400 From: Mike Tancsa Organization: Sentex Communications User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: Julian Elischer , "freebsd-security@freebsd.org" Subject: Re: SA-14:19 (Denial of Service in TCP packet processing) and jails issue ? References: <5541560C.5020004@sentex.net> <5547E47A.5040502@sentex.net> <55482F9E.8050701@freebsd.org> <5548C65D.5070703@sentex.net> In-Reply-To: <5548C65D.5070703@sentex.net> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.75 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 May 2015 13:49:16 -0000 On 5/5/2015 9:32 AM, Mike Tancsa wrote: > and then restarted the scan. > > Sure enough, it comes up vulnerable. I have placed the 2 pcaps, and the > reports in http://www.tancsa.com/jail I setup a similar target environment for RELENG_10 but the scan seems to think RELENG_10 is just plain vulnerable. Still trying to figure out / narrow it how it decides its vulnerable. ---Mike -- ------------------- Mike Tancsa, tel +1 519 651 3400 Sentex Communications, mike@sentex.net Providing Internet services since 1994 www.sentex.net Cambridge, Ontario Canada http://www.tancsa.com/