Date: Thu, 18 Nov 2004 15:38:25 +0000 From: Josef El-Rayes <josef@FreeBSD.org> To: Xin LI <delphij@FreeBSD.org> Cc: cvs-all@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/pppd cbcp.c Message-ID: <20041118153825.GA12893@daemon.li> In-Reply-To: <200411181521.iAIFLCJ3062379@repoman.freebsd.org> References: <200411181521.iAIFLCJ3062379@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Xin LI <delphij@FreeBSD.org>: > Correct a potential DoS vulnerability, as described at > > http://www.securityfocus.com/archive/1/379450 This advisory is incorrect. It is actually not a DoS vulnerability as the attacker can only kill the connection to him, not others, see: http://marc.theaimsgroup.com/?l=bugtraq&m=109941891320391 Thanks for MFC'ing this, Greets, Josef -- Josef El-Rayes (__) Email: josef@daemon.li \\\'',) Web: http://daemon.li/ \/ \ ^ FreeBSD Security Team .\._/_) [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iQEUAwUBQZzB8FnFItmnnbU8AQI7OAf3WUb6Be+uw6wUic1Qy2sXYamDVHo8LCzv 3PPGrflfrr6WxboiZA/4mYJk7AlA2wOiks+bUkLafbWFElNMocf6hzgtAqQunOZ8 oi/IBZWB2pCrw37HpuehYG03qFP968GhkO+vMsq78BLwVB5A2GnGQeAjkpVWulH/ tY2MmW+0B8e+BsjQ5qGKVl+y7IAO+e5XU3p+KzyfDRA2DHDcabdZB97YKKs3cWnI m/YipdXFeemOJi7Pn8uKOX3QirOnPbVKCAC1NKXjB7YaH9US+tFKDkwm8w6ye7kV JvAV4N9zvLeyL+ZrT21gFcZxHBGmNwncFqnP3/P746sgZ1h8IC+o =JDqo -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041118153825.GA12893>