Date:      Thu, 01 May 2014 19:51:37 +0100
From:      Karl Pielorz <kpielorz_lst@tdx.co.uk>
To:        d@delphij.net, freebsd-security@freebsd.org
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-14:08.tcp
Message-ID:  <5E06BC0A5CFB26EDF20A7FC5@study64.tdx.co.uk>
In-Reply-To: <53629582.9010605@delphij.net>
References:  <201404300435.s3U4ZAw1093717@freefall.freebsd.org> <7A880FB5C3D1DA39692881FE@study64.tdx.co.uk> <53629582.9010605@delphij.net>


--On 1 May 2014 11:42:10 -0700 Xin Li <delphij@delphij.net> wrote:

>> Does this require an established TCP session to be present? - i.e.
>> If you have a host which provides no external TCP sessions (i.e.
>> replies 'Connection Refused' / drops the initial SYN) would that
>> still be potentially exploitable?
>
> No.  An established TCP session is required.
>
>> What about boxes used as routers - that just forward the traffic
>> (and again, offer no TCP services directly themselves)?
>
> Routers themselves are not affected assuming that they merely forward
> the traffic.

That's great - thanks for clarifying... We have a number of boxes that you 
can't (from the Internet) get a TCP session to, whilst they will still have 
to be patched [to protect them from our 'admin' networks] - we can use that 
mitigation to schedule a better patch install / reboot schedule.

Regards,

-Karl


