Date:      Thu, 26 Feb 2004 08:43:24 +0100 (MET)
From:      Helge Oldach <helge.oldach@atosorigin.com>
To:        nectar@freebsd.org (Jacques A. Vidrine)
Cc:        freebsd-net@freebsd.org
Subject:   Re: Fwd: [is this mbuf problem real?]
Message-ID:  <200402260743.IAA18903@galaxy.hbg.de.ao-srv.com>
In-Reply-To: <20040218220230.GF47727@madman.celabo.org> from "Jacques A. Vidrine" at "Feb 18, 2004 11: 2:30 pm"

All,

maybe someone can comment on the status of this alert? There have been
some comments about fixing it on freebsd-net@ but I haven't seen a CVS
log - or I just missed it.

Thanks.

Helge


Jacques A. Vidrine:
>Does anyone have time to investigate?  I will try to get more
>information from iDEFENSE.
>
>Cheers,
>-- 
>Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net /
>nectar@freebsd.org
>
>----- Forwarded message from Baby Peanut <baby_p_nut2@yahoo.com> -----
>
>Date: Wed, 18 Feb 2004 06:21:25 -0800 (PST)
>From: Baby Peanut <baby_p_nut2@yahoo.com>
>To: freebsd-security@freebsd.org
>Subject: is this mbuf problem real?
>Message-ID: <20040218142125.49433.qmail@web41902.mail.yahoo.com>
>
>BM_207650
>MEDIUM
>Vulnerability
>Version: 1  2/18/2004@03:47:29 GMT
>Initial report
>	 <https://ialert.idefense.com/KODetails.jhtml?irId=207650>
>ID#207650: FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability
>(iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS)
>vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers
>to launch a DoS attack.
>
>By sending many out-of-sequence packets, a low bandwidth denial of
>service attack is possible against FreeBSD. When the targeted system
>runs out of memory buffers (mbufs), it is no longer able to accept or
>create new connections.
>
>
>Analysis: (iDEFENSE US) Exploitation of this vulnerability requires
>that the targeted system has at least one open TCP port.
>
>The DoS will last until the port is closed, either by the attacker or
>the target machine.
>
>Detection: iDEFENSE has confirmed this vulnerability exists in FreeBSD
>5.1 (default install from media). It is expected that it also exists
>in earlier versions.
>
>Exploit: iDEFENSE has proof of concept exploit code demonstrating the
>impact of this vulnerability.
>
>
>Vulnerability Types: Design Error - Denial of Service	 	
>Prevalence and Popularity: Almost always	
>Evidence of Active Exploitation or Probing: No known exploitation or
>spike in probing	
>Ease of Exploitation: Remotely Exploitable
>Existence and Availability of Exploit Code: An Exploit exists and is
>closely traded.	
>Vulnerability Consequence: Availability
>
>_______________________________________________
>freebsd-security@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-security
>To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
>
>
>----- End forwarded message -----
>
>_______________________________________________
>freebsd-net@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-net
>To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
>


