From owner-freebsd-security@FreeBSD.ORG  Wed Apr 30 08:21:20 2014
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id B36558C8
 for <freebsd-security@freebsd.org>; Wed, 30 Apr 2014 08:21:20 +0000 (UTC)
Received: from mail.tyknet.dk (mail.tyknet.dk
 [IPv6:2a01:4f8:201:2327:144:76:253:226])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 706B21082
 for <freebsd-security@freebsd.org>; Wed, 30 Apr 2014 08:21:20 +0000 (UTC)
Received: from [10.10.2.24] (217.71.4.82.static.router4.bolignet.dk
 [217.71.4.82])
 (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 by mail.tyknet.dk (Postfix) with ESMTPSA id 8010A211C5D
 for <freebsd-security@freebsd.org>; Wed, 30 Apr 2014 08:21:09 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.8.3 mail.tyknet.dk 8010A211C5D
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=gibfest.dk; s=default;
 t=1398846069; bh=vc48mTTAPpK4MSAgy0FR8bLnXIZ3aKNaVKNFDtw4b5M=;
 h=Date:From:To:Subject:References:In-Reply-To;
 b=qpptSW2tcrIWdmtJ0WHrqjtt1UmMm/YmPvTh6zehocR1l8ZlM/0cLhzRYZ+cOsov1
 7E/0ilqXxxa2NjE3i7xDB+lAqWSZRBPqN3/C/qp9i3F3Kt99LTSeAhJwVOPJZvtnwL
 zDMHB8pB6gVQwmgN020x62DJ7gu0hTwb23uJUIAOKpbNGgud1Fvqavc20HMesVALCU
 28QhrCcXylSWa2lQCi/EUAeU2t1jR3ICpstX4sMaKtB/WBE7Gw+zvJUs+0Y+6JK/0X
 HA1JcLEAQSqFnafc1PfYomHaRIbnY17BX4NHDKEgQihuR0+JchgpCKMFy0M1L5MTAj
 2qZBll8xkfHEQ==
Message-ID: <5360B273.102@gibfest.dk>
Date: Wed, 30 Apr 2014 10:21:07 +0200
From: Thomas Steen Rasmussen <thomas@gibfest.dk>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:24.0) Gecko/20100101 Thunderbird/24.4.0
MIME-Version: 1.0
To: freebsd-security@freebsd.org
Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:08.tcp
References: <201404300435.s3U4ZAw1093717@freefall.freebsd.org>
In-Reply-To: <201404300435.s3U4ZAw1093717@freefall.freebsd.org>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Apr 2014 08:21:20 -0000



On 30-04-2014 06:35, FreeBSD Security Advisories wrote:
> =============================================================================
> FreeBSD-SA-14:08.tcp                                        Security Advisory
>                                                           The FreeBSD Project
> 
> Topic:          TCP reassembly vulnerability
> 

Hello everyone,

Does anyone have a PoC exploit for this ? I want to see what we can do
in IPS and so on at $work to protect against this until the patches can
be applied.

Thanks!


/Thomas