From owner-freebsd-security  Fri Oct  6  5:37:58 2000
Delivered-To: freebsd-security@freebsd.org
Received: from xkis.kis.ru (xkis.kis.ru [195.98.32.200])
	by hub.freebsd.org (Postfix) with ESMTP id 5F12737B502
	for <security@FreeBSD.ORG>; Fri,  6 Oct 2000 05:37:50 -0700 (PDT)
Received: from localhost (dv@localhost)
          by xkis.kis.ru (8.9.3/8.9.3) with SMTP id QAA10036;
          Fri, 6 Oct 2000 16:37:37 +0400 (MSD)
Date: Fri, 6 Oct 2000 16:37:37 +0400 (MSD)
From: Dmitry Valdov <dv@dv.ru>
X-Sender: dv@xkis.kis.ru
To: Ruslan Ermilov <ru@sunbay.com>
Cc: Fernando Schapachnik <fpscha@via-net-works.net.ar>,
	security@FreeBSD.ORG
Subject: Re: HERT advisory: FreeBSD IP Spoofing (fwd)
In-Reply-To: <20001006152906.A90221@sunbay.com>
Message-ID: <Pine.BSF.3.95q.1001006163649.9906B-100000@xkis.kis.ru>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi!

And how about 2.x branch? 

Dmitry.


On Fri, 6 Oct 2000, Ruslan Ermilov wrote:

> Date: Fri, 6 Oct 2000 15:29:06 +0300
> From: Ruslan Ermilov <ru@sunbay.com>
> To: Fernando Schapachnik <fpscha@via-net-works.net.ar>
> Cc: security@FreeBSD.ORG
> Subject: Re: HERT advisory: FreeBSD IP Spoofing (fwd)
> 
> On Fri, Oct 06, 2000 at 09:12:54AM -0300, Fernando Schapachnik wrote:
> > Many of you may have read this.
> > 
> > It states that 4.1 is vulnerable, but doesn't mention 4.1.1. It also
> > provides URL to patches that are not accesible. Somebody has more
> > info?
> > 
> kris        2000/09/28 18:37:19 PDT
> 
>   Modified files:
>     sys/netinet          tcp_seq.h tcp_subr.c 
>   Log:
>   Use stronger random number generation for TCP_ISSINCR and tcp_iss.
>   
>   Reviewed by:	peter, jlemon
>   
>   Revision  Changes    Path
>   1.12      +2 -2      src/sys/netinet/tcp_seq.h
>   1.81      +2 -2      src/sys/netinet/tcp_subr.c
> 
> 
> kris        2000/09/29 01:48:45 PDT
> 
>   Modified files:        (Branch: RELENG_4)
>     sys/netinet          tcp_seq.h tcp_subr.c 
>   Log:
>   MFC: Use stronger randomness for TCP_ISSINCR and tcp_iss
>   
>   Revision  Changes    Path
>   1.11.2.1  +2 -2      src/sys/netinet/tcp_seq.h
>   1.73.2.5  +2 -2      src/sys/netinet/tcp_subr.c
> 
> 
> kris        2000/09/29 01:49:56 PDT
> 
>   Modified files:        (Branch: RELENG_3)
>     sys/netinet          tcp_seq.h tcp_subr.c 
>   Log:
>   MFC: Use stronger randomness for TCP_ISSINCR and tcp_iss
>   
>   Revision  Changes    Path
>   1.8.4.2   +2 -2      src/sys/netinet/tcp_seq.h
>   1.49.2.6  +2 -2      src/sys/netinet/tcp_subr.c
> 
> -- 
> Ruslan Ermilov		Oracle Developer/DBA,
> ru@sunbay.com		Sunbay Software AG,
> ru@FreeBSD.org		FreeBSD committer,
> +380.652.512.251	Simferopol, Ukraine
> 
> http://www.FreeBSD.org	The Power To Serve
> http://www.oracle.com	Enabling The Information Age
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message