From owner-freebsd-security@FreeBSD.ORG  Wed Feb 18 06:21:25 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BE78116A4CE
	for <freebsd-security@freebsd.org>;
	Wed, 18 Feb 2004 06:21:25 -0800 (PST)
Received: from web41902.mail.yahoo.com (web41902.mail.yahoo.com
	[66.218.93.153])	by mx1.FreeBSD.org (Postfix) with SMTP id 9AF1443D1F
	for <freebsd-security@freebsd.org>;
	Wed, 18 Feb 2004 06:21:25 -0800 (PST)
	(envelope-from baby_p_nut2@yahoo.com)
Message-ID: <20040218142125.49433.qmail@web41902.mail.yahoo.com>
Received: from [69.138.247.249] by web41902.mail.yahoo.com via HTTP;
	Wed, 18 Feb 2004 06:21:25 PST
Date: Wed, 18 Feb 2004 06:21:25 -0800 (PST)
From: Baby Peanut <baby_p_nut2@yahoo.com>
To: freebsd-security@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Subject: is this mbuf problem real?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Feb 2004 14:21:25 -0000

BM_207650
MEDIUM	 
Vulnerability	
Version: 1  2/18/2004@03:47:29 GMT 
Initial report
	 <https://ialert.idefense.com/KODetails.jhtml?irId=207650>
ID#207650: 	
FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability
(iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS)
vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers
to launch a DoS attack.

By sending many out-of-sequence packets, a low bandwidth denial of
service attack is possible against FreeBSD. When the targeted system
runs out of memory buffers (mbufs), it is no longer able to accept or
create new connections.


Analysis: (iDEFENSE US) Exploitation of this vulnerability requires
that the targeted system has at least one open TCP port.

The DoS will last until the port is closed, either by the attacker or
the target machine.

Detection: iDEFENSE has confirmed this vulnerability exists in FreeBSD
5.1 (default install from media). It is expected that it also exists
in earlier versions.

Exploit: iDEFENSE has proof of concept exploit code demonstrating the
impact of this vulnerability.


Vulnerability Types: Design Error - Denial of Service	 	
Prevalence and Popularity: Almost always	
Evidence of Active Exploitation or Probing: No known exploitation or
spike in probing	
Ease of Exploitation: Remotely Exploitable
Existence and Availability of Exploit Code: An Exploit exists and is
closely traded.	
Vulnerability Consequence: Availability

__________________________________
Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.
http://antispam.yahoo.com/tools