Re: TCP timestamp vulnerability

• Previous message: Saurabh Bhasin: "Re: last command - strange entries?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 21 Jun 2005 14:25:45 -0400
To: Jacques Vidrine <nectar@FreeBSD.org>

Jacques Vidrine wrote:
>
> On May 19, 2005, at 5:53 AM, Christian Brueffer wrote:
>
>> fixes for the vulnerability described in http://www.kb.cert.org/
>> vuls/id/637934
>> were checked in to CURRENT and RELENG_5 by ps in April.
>>
>> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c
>>
>> Revisions 1.270 and 1.252.2.16
>>
>> He didn't commit it to RELENG_5_4 for some reason, so 5.4 shipped with
>> it.
>>
>> My guess is that he didn't notify you guys either.
>>
>> I stumbled upon this through a Heise News article at
>> http://www.heise.de/newsticker/meldung/59672. Sent them an update about
>> the fixed branches, but they'd like to know why this wasn't communicated
>> back to US-CERT yadda yadda yadda.
>
> Thanks, Christian. No, ps@ didn't point it out. It gets a little
> confusing too, since I see that the work was submitted by multiple
> folks, one of which reported another related vulnerability to us on May
> 18 (7 days after that commit). Now to try to untangle what is what ...

My boss asked me to check on whether this problem was fixed for FreeBSD
4.10. I didn't see any advisories related to this, and FreeBSD is still
showing as vulnerable on the CERT web site. It doesn't look like a fix
for this has been committed to any of the 4.X branches. Any word on this?

Thanks for the help.

Richard Coleman
rcoleman@criticalmagic.com
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Saurabh Bhasin: "Re: last command - strange entries?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]