• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OpenBSD PF IP Fragment Remote Denial Of Service Vulnerability

Solution:
The OpenBSD CVS tree has had fixes applied since 2006-01-19. These fixes are available for OpenBSD 3.7, 3.8, and -current. Patches can be obtained from CVSweb at:
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/net/pf_norm.c.diff?r1=1.103&r2=1.104

FreeBSD has released an advisory, along with a patch to address this issue. The FreeBSD CVS tree has had fixes applied since 2006-01-25 10:02:27 UTC. Please see the referenced advisory for further information.


FreeBSD FreeBSD 5.4-STABLE

• FreeBSD pf.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch

FreeBSD FreeBSD 5.3 -RELEASE

• FreeBSD pf.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch

FreeBSD FreeBSD 5.3 -RELENG

• FreeBSD pf.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch

FreeBSD FreeBSD 5.3

• FreeBSD pf.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch

FreeBSD FreeBSD 5.3 -STABLE

• FreeBSD pf.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch

FreeBSD FreeBSD 5.4 -RELEASE

• FreeBSD pf.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch

FreeBSD FreeBSD 5.4 -RELENG

• FreeBSD pf.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch

FreeBSD FreeBSD 6.0 -RELEASE

• FreeBSD pf.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch

FreeBSD FreeBSD 6.0 -STABLE

• FreeBSD pf.patch
  ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-06:07/pf.patch