On Sep 3, 12:04pm, Studded wrote:
} Subject: Response to RST validation problem?
} As I'm sure everyone is aware, there was a post on bugtraq Sunday
} regarding a vulnerability in our TCP code which leaves the system open
} to attack via RST packets. In the past the project has always responded
} within a few days to such problems, either with a fix or a progress
} report on a fix. I have not seen such a response, therefore I'm asking
} what progress is being made on this problem.
There have been some patches posted to security. One was a mega-patch
from me that fixes this as well as a few other problems.
} According to Darren Reed the appropriate fix is already available in
} NetBSD's code, so that might be a good place to start looking. :)
The NetBSD code looks vulnerable to me.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message