BSD.Out.Of.Sequence.Packets.DoS
Description
This indicates an attack attempt to exploit a Denial of Service vulnerability in FreeBSD.
This issue is caused by an error in the vulnerable system when handling too many out of sequence TCP packets. It may allow remote attackers to crash vulnerable systems by sending crafted out of sequence TCP packets.
Affected Products
FreeBSD Project FreeBSD Release 4
FreeBSD Project FreeBSD Release 4.8
FreeBSD Project FreeBSD Release 4.9
FreeBSD Project FreeBSD Release 5.2
Impact
System Compromise: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the appropriate patch,available for the web site.
OpenBSD OpenBSD 3.3
OpenBSD 018_tcp.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/018_tcp.patch
OpenBSD OpenBSD 3.4
OpenBSD 013_tcp.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/013_tcp.patch
FreeBSD FreeBSD 4.8
FreeBSD tcp47.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-04:04/tcp47.patch
FreeBSD FreeBSD 4.9
FreeBSD tcp47.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-04:04/tcp47.patch
FreeBSD FreeBSD 5.2
FreeBSD tcp52.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-04:04/tcp52.patch
SGI IRIX 6.5.22
SGI 5738
ftp://patches.sgi.com/support/free/security/patches/6.5.22/patch5738.tar
SGI IRIX 6.5.23
SGI 5737
ftp://patches.sgi.com/support/free/security/patches/6.5.23/patch5737.tar
SGI IRIX 6.5.24
SGI 5728
ftp://patches.sgi.com/support/free/security/patches/6.5.24/patch5728.tar
SGI IRIX 6.5.25
SGI 5729
ftp://patches.sgi.com/support/free/security/patches/6.5.25/patch5729.tar
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |