Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 20 Nov 1997 12:10:35 -0800 (PST)
From:      Jim Shankland <jas@flyingfox.com>
To:        freebsd-security@freebsd.org, Martin.Machacek@eunet.cz
Subject:   Re: new TCP/IP bug in win95 (fwd)
Message-ID:  <199711202010.MAA29126@biggusdiskus.flyingfox.com>

next in thread | raw e-mail | index | archive | help
Martin Machacek <Martin.Machacek@eunet.cz> writes:

> I've tried the exploit against FreeBSD 2.2.2, 2.2.5 and 3.0-current
> and the results were interesting. FreeBSD 2.2.2 does not seem to be
> vulnerable, however both 2.2.5 and 3.0 froze.

I'd appreciate a pointer to, or a mailed copy of, the actual exploit
(I let my BUGTRAQ subscription lapse months ago).  I've modified the
FreeBSD TCP stack a bit, and want to see if I'm vulnerable, and fix it
if so.

> The problem is in my opinion not that critical because every decent network 
> should have IP spoofs filtered on the external router

Uh huh :-).  Well, this may increase the number of "decent networks."

(And lest anyone get any bright ideas about testing this for me:  yes,
my network is "decent.")

Jim Shankland
Flying Fox Computer Systems, Inc.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199711202010.MAA29126>