Date: Tue, 20 Jun 2000 13:00:10 +0300 (EEST) From: Adrian Penisoara <ady@warpnet.ro> To: freebsd-isp@FreeBSD.ORG Cc: freebsd-security@FreeBSD.ORG, tech@OpenBSD.org, Brian Somers <brian@Awfulhak.org> Subject: ATTN: FIX for PPP with >9 tunnels / possible DoS Message-ID: <Pine.BSF.4.10.10006201236450.1849-100000@ady.warpnet.ro>
next in thread | raw e-mail | index | archive | help
Hi, Whoever uses userland PPP with more than 9 tunnel devices compiled in kernel should be updating to the latest (post 2000/06/19) sources, a bug which was affecting route deletion handling has just been committed. What is it all about: at startup PPP was getting a wrong interface index number in the routing table and upon termination it was deleting routes for the wrong tunnel interface. Evil users may exploit this in that they can block those PPP links who use the first tunnel interfaces. For more detalis please chek out PR #19384 ( http://www.freebsd.org/cgi/query-pr.cgi?pr=19384 ); please do not use the patch suggested in the PR, better use the version committed in the CVS tree which is optimised. *All* FreeBSD branches are affected; the fix has been committed for 3-stable, 4-stable and 5-current branches. I CC'ed to OpenBSD's technical mailing lists because they are using the same source package and might be affected (?). Thanks, Adrian Penisoara Ady (@freebsd.ady.ro) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10006201236450.1849-100000>