From owner-freebsd-ipfw@FreeBSD.ORG Wed Apr 14 02:35:00 2004 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 151F216A4CE for ; Wed, 14 Apr 2004 02:35:00 -0700 (PDT) Received: from tx2.oucs.ox.ac.uk (tx2.oucs.ox.ac.uk [163.1.2.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8F45543D5A for ; Wed, 14 Apr 2004 02:34:59 -0700 (PDT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from scan2.oucs.ox.ac.uk ([163.1.2.162] helo=localhost) by tx2.oucs.ox.ac.uk with esmtp (Exim 4.24) id 1BDgnK-0005k5-LS for freebsd-ipfw@freebsd.org; Wed, 14 Apr 2004 10:34:58 +0100 Received: from rx2.oucs.ox.ac.uk ([163.1.2.161]) by localhost (scan2.oucs.ox.ac.uk [163.1.2.162]) (amavisd-new, port 25) with ESMTP id 21759-08 for ; Wed, 14 Apr 2004 10:34:58 +0100 (BST) Received: from gateway.wadham.ox.ac.uk ([163.1.161.253]) by rx2.oucs.ox.ac.uk with smtp (Exim 4.24) id 1BDgnK-0005jy-83 for freebsd-ipfw@freebsd.org; Wed, 14 Apr 2004 10:34:58 +0100 Received: (qmail 5515 invoked by uid 1004); 14 Apr 2004 09:34:58 -0000 Received: from colin.percival@wadham.ox.ac.uk by gateway by uid 71 with qmail-scanner-1.20 (clamscan: 0.67. sweep: 2.18/3.79. Clear:RC:1(163.1.161.131):. Processed in 0.135248 secs); 14 Apr 2004 09:34:58 -0000 Received: from dhcp1131.wadham.ox.ac.uk (HELO piii600.wadham.ox.ac.uk) (163.1.161.131) by gateway.wadham.ox.ac.uk with SMTP; 14 Apr 2004 09:34:58 -0000 Message-Id: <6.0.1.1.1.20040414102727.03ad0008@imap.sfu.ca> X-Sender: cperciva@imap.sfu.ca (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 6.0.1.1 Date: Wed, 14 Apr 2004 10:34:55 +0100 To: freebsd-security@freebsd.org From: Colin Percival Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" cc: freebsd-ipfw@freebsd.org Subject: FYI re: "FreeBSD ECE flag ipfw protection bypass" X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Apr 2004 09:35:00 -0000 Several people have noticed that SecuriTeam.com is reporting a "FreeBSD ECE flag ipfw protection bypass" exploit. In an effort to save time, let me say this publicly: SecuriTeam.com is three years out of date. This problem was fixed in FreeBSD 3.5-STABLE and 4.2-STABLE in January 2001, and reported in Security Advisory FreeBSD-SA-01:08. Colin Percival