FreeBSD Accept Filter Denial of Service Vulnerability

info
discussion
exploit
solution
references

FreeBSD Accept Filter Denial of Service Vulnerability

It has been reported that it is possible to deny access to a service when FreeBSD accept filters are in use. This occurs because of an error in the implementation of these filters. It is possible to fill the connection queue by sending repeated 'incomplete' requests (for example, partial HTTP requests). Until the connections time out or are completed, other clients will not be able to access the service.