similar to: FreeBSD Security Advisory FreeBSD-SA-04:04.tcp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:04.tcp Security Advisory The FreeBSD Project Topic: many out-of-sequence TCP packets denial-of-service Category: core Module: kernel

yes unless you use the version as of :> 2004-03-02 17:24:46 UTC (RELENG_5_2, 5.2.1-RELEASE-p1) check it out with uname -a if it does not say -p1 it affects you. My guess, you are affected :) cheers -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van:

Hello, all! In the beginning I want to say, that this question seems to be a security one, isn't it so?.. Recently I was googling for the subject and coulnd't find anything... Even in the opennet.ru forum nobody answered me about this. So, as far as I got to know, randomizing source ports in FreeBSD is impossible now? (to be exact - is not implemented?) It's very interesting to me

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:02.shmat Security Advisory The FreeBSD Project Topic: shmat reference counting bug Category: core Module: kernel Announced: 2004-02-05

Any information on when (or if) the following timestamp vulnerability will be fixed for 4.X? Any information would be appreciated. http://www.kb.cert.org/vuls/id/637934 Thanks. Richard Coleman rcoleman@criticalmagic.com

Hello security gurus, yesterday, I mistakenly posted a question on the questions list about this article : http://www.securityfocus.com/bid/13676/info/ which talks about a form of DOS vulnerability. I was curious as to the possibility of FreeBSD 5.x being affected, and if anyone was working on this or not. Ted Mittelstaedt posted this possible patch based upon the OpenBSD patch : in

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:14.cvs.asc Security Advisory The FreeBSD Project Topic: CVS Category: contrib Module: cvs Announced: 2004-09-19 Credits: Stefan

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:14.cvs.asc Security Advisory The FreeBSD Project Topic: CVS Category: contrib Module: cvs Announced: 2004-09-19 Credits: Stefan

Hi, I've encountered a strange problem while using FreeBSD 6.0 for our local mirror (mirror.math.uni-bielefeld.de) and thus is providing access via ftp, http, rsync and cvsup (all local and remote). The system crashes periodically with a kernel panic (panic: sbdrop). The uptimes between two crashes are going from a few hours to a few weeks. The system is a i386, Intel Pentium 4 based with

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:12.jailroute Security Advisory The FreeBSD Project Topic: Jailed processes can manipulate host routing tables Category: core Module: kernel

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:01.mksnap_ffs Security Advisory The FreeBSD Project Topic: mksnap_ffs clears file system options Category: core Module: mksnap_ffs Announced:

Hi , I have posted DTrace script to snoop tcp traffic and also provided a wrapper script for it to filter out unwanted traffic. http://blogs.sun.com/roller/comments/raviswam/Weblog/tcp_snoop_using_dtrace Please let me know if you have any feedback/comments on this. Thanks Ravi

BM_207650 MEDIUM Vulnerability Version: 1 2/18/2004@03:47:29 GMT Initial report <https://ialert.idefense.com/KODetails.jhtml?irId=207650> ID#207650: FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability (iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS) vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers to launch a DoS attack.

Hi, Just want to ask about the status of this:- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0002 >From list archives I gather the fix is still under refinement (but committed (and removed?) in HEAD and RELENG_5_2). One paranoid little shop is running a public web server on RELENG_4_9, and contemplating this patch:-

this is 6.0-STABLE as for Mar 17. KDB: debugger backends: ddb KDB: current backend: ddb Copyright (c) 1992-2006 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.1-PRERELEASE #2: Fri Mar 17 11:05:32 UTC 2006 vlad@host:/usr/src/sys/amd64/compile/DEF_WEB Timecounter

i''m using the following probe to calculate how many bytes are being written by tcp write calls, by process and total: fbt:ip:tcp_output:entry { this->tcpout_size = msgdsize(args[1]); @tcpout_size[execname] = sum(this->tcpout_size); @tcpout_size["TOTAL_TCP_OUT"] = sum(this->tcpout_size); } I run this probe for N seconds. I suppose that if i get the

On May 19, 2005, at 5:53 AM, Christian Brueffer wrote: > Hi, > > fixes for the vulnerability described in http://www.kb.cert.org/ > vuls/id/637934 > were checked in to CURRENT and RELENG_5 by ps in April. > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c > > Revisions 1.270 and 1.252.2.16 > > He didn't commit it to RELENG_5_4 for some

Here's my proposed patch to change RST handling so that ESTABLISHED connections are subject to strict RST checking, but connections in other states are only subject to the "within the window" check. Part 2 of the patch is simply a patch to netstat so that it displays the statistic. As expected, it's very straightforward, the only real question is what to call the statistic...

Box with fresh RELENG_7 panic under heavy network load (more than 50k connections). This panics seems to be senfile(2) related, because when sendfile disabled in nginx, I can't reproduce the problem. Backtrace in all cases like this: # kgdb kernel /spool/crash/vmcore.1 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Possible remote code execution == CVE ID#: CAN-2004-1154 == == Versions: Samba 2.x & 3.0.x <= 3.0.9 == == Summary: A potential integer overflow when == unmarshalling specific MS-RPC requests == from clients could lead to heap == corruption and remote code execution.