IPFilter Fragment Rule Bypass Vulnerability

Solution:
Darren Reed has made patches available that will fix this vulnerability. An upgrade, version 3.4.17, is also available.

On NetBSD systems (if supported by the architecture), the kernel binary can be patched using gdb:db:

# gdb --write /netbsd
(gdb) set ipfr_inuse=1000000
(gdb) quit

Systems running NetBSD-current dated from before April 6, 2001 should be upgraded to NetBSD-current dated April 6, 2001 or later.

Systems running NetBSD 1.5.x systems dated from before April 14, 2001 should be upgraded to NetBSD 1.5.x dated April 14, 2001 or later.

NetBSD 1.5.1 will ship with the fix.

Systems running NetBSD 1.4.x systems dated from before April 14, 2001 should be upgraded to NetBSD 1.4.x dated April 14, 2001 or later.

HP offers a version of IPFilter for HP-UX called IPFilter/9000. An upgrade is available for free that eliminates the vulnerability. Versions A.03.05.02 and higher of IPFilter/9000 are not vulnerable.


HP IPFilter/9000

Darren Reed IPFilter 3.1.10

Darren Reed IPFilter 3.1.2

Darren Reed IPFilter 3.1.3

Darren Reed IPFilter 3.1.4

Darren Reed IPFilter 3.1.5

Darren Reed IPFilter 3.1.6

Darren Reed IPFilter 3.1.7

Darren Reed IPFilter 3.1.8

Darren Reed IPFilter 3.1.9

Darren Reed IPFilter 3.2.1

Darren Reed IPFilter 3.2.10

Darren Reed IPFilter 3.2.2

Darren Reed IPFilter 3.2.20

Darren Reed IPFilter 3.2.21

Darren Reed IPFilter 3.2.22

Darren Reed IPFilter 3.2.3

Darren Reed IPFilter 3.2.4

Darren Reed IPFilter 3.2.5

Darren Reed IPFilter 3.2.6

Darren Reed IPFilter 3.2.7

Darren Reed IPFilter 3.2.8

Darren Reed IPFilter 3.2.9

Darren Reed IPFilter 3.3.1

Darren Reed IPFilter 3.3.10

Darren Reed IPFilter 3.3.11

Darren Reed IPFilter 3.3.12

Darren Reed IPFilter 3.3.13

Darren Reed IPFilter 3.3.14

Darren Reed IPFilter 3.3.15

Darren Reed IPFilter 3.3.16

Darren Reed IPFilter 3.3.17

Darren Reed IPFilter 3.3.18

Darren Reed IPFilter 3.3.19

Darren Reed IPFilter 3.3.2

Darren Reed IPFilter 3.3.20

Darren Reed IPFilter 3.3.21

Darren Reed IPFilter 3.3.5

Darren Reed IPFilter 3.3.6

Darren Reed IPFilter 3.3.7

Darren Reed IPFilter 3.3.8

Darren Reed IPFilter 3.3.9

Darren Reed IPFilter 3.4.1

Darren Reed IPFilter 3.4.10

Darren Reed IPFilter 3.4.11

Darren Reed IPFilter 3.4.12

Darren Reed IPFilter 3.4.13

Darren Reed IPFilter 3.4.14

Darren Reed IPFilter 3.4.15

Darren Reed IPFilter 3.4.16

Darren Reed IPFilter 3.4.2

Darren Reed IPFilter 3.4.3

Darren Reed IPFilter 3.4.4

Darren Reed IPFilter 3.4.5

Darren Reed IPFilter 3.4.6

Darren Reed IPFilter 3.4.7

Darren Reed IPFilter 3.4.8

Darren Reed IPFilter 3.4.9

FreeBSD FreeBSD 4.1

FreeBSD FreeBSD 4.1.1

FreeBSD FreeBSD 4.2

SCO Open Server 5.0.6 a

SCO Open Server 5.0.6


 

Privacy Statement
Copyright 2010, SecurityFocus