From owner-freebsd-net@FreeBSD.ORG Wed Feb 18 14:02:31 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B3D5C16A4CE; Wed, 18 Feb 2004 14:02:31 -0800 (PST) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7D90443D1F; Wed, 18 Feb 2004 14:02:31 -0800 (PST) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 2F90E548A3; Wed, 18 Feb 2004 16:02:31 -0600 (CST) Received: by madman.celabo.org (Postfix, from userid 1001) id E25326D455; Wed, 18 Feb 2004 16:02:30 -0600 (CST) Date: Wed, 18 Feb 2004 16:02:30 -0600 From: "Jacques A. Vidrine" To: freebsd-net@freebsd.org Message-ID: <20040218220230.GF47727@madman.celabo.org> Mail-Followup-To: "Jacques A. Vidrine" , freebsd-net@freebsd.org, FreeBSD Security Officer Team Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: FreeBSD Security Officer Team Subject: Fwd: [is this mbuf problem real?] X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Feb 2004 22:02:31 -0000 Does anyone have time to investigate? I will try to get more information from iDEFENSE. Cheers, -- Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org ----- Forwarded message from Baby Peanut ----- Date: Wed, 18 Feb 2004 06:21:25 -0800 (PST) From: Baby Peanut To: freebsd-security@freebsd.org Subject: is this mbuf problem real? Message-ID: <20040218142125.49433.qmail@web41902.mail.yahoo.com> BM_207650 MEDIUM Vulnerability Version: 1 2/18/2004@03:47:29 GMT Initial report ID#207650: FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability (iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS) vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers to launch a DoS attack. By sending many out-of-sequence packets, a low bandwidth denial of service attack is possible against FreeBSD. When the targeted system runs out of memory buffers (mbufs), it is no longer able to accept or create new connections. Analysis: (iDEFENSE US) Exploitation of this vulnerability requires that the targeted system has at least one open TCP port. The DoS will last until the port is closed, either by the attacker or the target machine. Detection: iDEFENSE has confirmed this vulnerability exists in FreeBSD 5.1 (default install from media). It is expected that it also exists in earlier versions. Exploit: iDEFENSE has proof of concept exploit code demonstrating the impact of this vulnerability. Vulnerability Types: Design Error - Denial of Service Prevalence and Popularity: Almost always Evidence of Active Exploitation or Probing: No known exploitation or spike in probing Ease of Exploitation: Remotely Exploitable Existence and Availability of Exploit Code: An Exploit exists and is closely traded. Vulnerability Consequence: Availability __________________________________ Do you Yahoo!? Yahoo! Mail SpamGuard - Read only the mail you want. http://antispam.yahoo.com/tools _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" ----- End forwarded message -----