Re: Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability

From: Jacques A. Vidrine (nectar_at_FreeBSD.org)
Date: 04/22/04

Next message: Jacques A. Vidrine: "Re: Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"

Previous message: Frankye - ML: "Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"
In reply to: Frankye - ML: "Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"
Next in thread: Jacques A. Vidrine: "Re: Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"
Reply: Jacques A. Vidrine: "Re: Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 22 Apr 2004 07:11:56 -0500
To: Frankye - ML <listsucker@ipv5.net>

On Thu, Apr 22, 2004 at 01:51:12PM +0200, Frankye - ML wrote:
[...]
> Additionally, the 4.4BSD stack from which NetBSD's stack is derived, did
> not even check that a RST's sequence number was inside the window. RSTs
> anywhere to the left of the window were treated as valid.
>
> The fact that this has gone unnoticed for so long is an indication that
> there have not been a large number of RST/SYN DoS attacks ocurring in the
> wild.

Hmm, is this the same issue that we corrected in 1998? Certainly we
became aware of it because it *was* being exploited.

Cheers,

-- 
Jacques Vidrine / nectar@celabo.org / jvidrine@verio.net / nectar@freebsd.org
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

Next message: Jacques A. Vidrine: "Re: Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"

Previous message: Frankye - ML: "Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"
In reply to: Frankye - ML: "Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"
Next in thread: Jacques A. Vidrine: "Re: Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"
Reply: Jacques A. Vidrine: "Re: Fw: [bugtraq] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: [RosAsm example]
... | using a CreateWindowEx() function call to create the main window, ... pop D$return;and reset stack for DefProc ... ;mov edx D$esp+020;whdl ...
(alt.lang.asm)
minidump analysis
... A window asking to send error to Microsoft appears and a minidump is ... Only registers, stack and portions of memory are ... System Uptime: not available ... Symbol search path is: srv*c: ...
(microsoft.public.dotnet.languages.csharp)
Re: Setting size limit of data while reading or writing from sockets
... the stack may wait for the application, ... With TCP, the available room in the socket receive buffer is ... Since he has no idea what window TCP advertises to the other end ... ... existing implementations *DO* shrink their windows. ...
(comp.unix.programmer)
Re: minidump analysis
... > "Faulting application IPRRouting.exe, version 1.10.50.19217, faulting ... > A window asking to send error to Microsoft appears and a minidump is ... > Copyright Microsoft Corporation. ... Only registers, stack and portions of memory are ...
(microsoft.public.dotnet.languages.csharp)
Re: After EndDialog(...)
... >> My msdn also says the same thing and I know english to understand it. ... nothing touches the call stack. ... > referring to your own window. ...
(microsoft.public.win32.programmer.ui)