Info

Disclosure

Jan 11, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

FreeBSD contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious attacker sends ICMP IP fragments to or through an ipfw firewall which match any reset, reject or unreach actions. Due to the incorrect handling of IP fragments, the pointer to layer 4 header information fails to get initialized, resulting in loss of availability for the platform.

Classification

Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability

Solution

Upgrade to version 6.0-STABLE or or to the RELENG_6_0 security branch dated after the correction date, as it has been reported to fix this vulnerability. In addition, FreeBSD has released a patch to address this vulnerability.

Products

The FreeBSD Project

FreeBSD

6.0-RELEASE

References

Security Tracker: 1015477
Secunia Advisory ID: 18378
SCIP VulDB ID: 1970
CVE ID: 2006-0054 (see also: NVD)
Vendor Specific Advisory URL: ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:04.ipfw.asc
Vendor Specific Solution URL: ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:04/ipfw.patch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:04/ipfw.patch.asc
Vendor URL: http://www.freebsd.org

Credit

Oleg Bulyzhin -

Direct URL: http://osvdb.org/22319