Date: Thu, 19 May 2005 10:03:21 -0700 From: John-Mark Gurney <gurney_j@resnet.uoregon.edu> To: Andre Oppermann <andre@freebsd.org> Cc: freebsd-net@freebsd.org Subject: Re: tcp timestamp vulnerability? Message-ID: <20050519170321.GB959@funkthat.com> In-Reply-To: <428C5F89.2E595E02@freebsd.org> References: <20050519093736.GA932@unixpages.org> <428C5F89.2E595E02@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Andre Oppermann wrote this message on Thu, May 19, 2005 at 11:42 +0200: > Christian Brueffer wrote: > > > > Hi, > > > > has anyone taken a look at http://www.kb.cert.org/vuls/id/637934? > > sys/netinet/tcp_input.c Revision 1.270, Sun Apr 10 05:24:59 2005 UTC > (5 weeks, 4 days ago) by ps > Branch: MAIN > Changes since 1.269: +23 -3 lines > > - Tighten up the Timestamp checks to prevent a spoofed segment from > setting ts_recent to an arbitrary value, stopping further > communication between the two hosts. > - If the Echoed Timestamp is greater than the current time, > fall back to the non RFC 1323 RTT calculation. > > Submitted by: Raja Mukerji (raja at moselle dot com) > Reviewed by: Noritoshi Demizu, Mohan Srinivasan Looks like someone needs to get an offical statement out, since CERT still lists FreeBSD as vulnerable (as of 16-Mar-2005)... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050519170321.GB959>