BSD Out Of Sequence Packets Remote Denial Of Service Vulnerability

BSD Out Of Sequence Packets Remote Denial Of Service Vulnerability

Solution:
Fixes for certain FreeBSD revisions have been made available to correct this issue.

SGI has released an advisory (20040905-01-P) and updates dealing with this issue for affected IRIX platforms. Customers are advised to see the referenced advisory for further information regarding obtaining and applying appropriate updates.

BorderWare has released patches dealing with this issue for their Firewall Server product. Please contact the vendor for more information and details on obtaining the patch.

F5 BIG-IP and 3-DNS are also reportedly affected by this issue. Customers with AskF5 access may find instructions on obtaining and applying patches at the following location:

http://tech.f5.com/home/bigip/solutions/advisories/sol3369.html

F5 customers may also contact support@f5.com for further details.

Patches have also been made available for OpenBSD.

OpenBSD OpenBSD 3.3

OpenBSD 018_tcp.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/018_tcp.patch

OpenBSD OpenBSD 3.4

OpenBSD 013_tcp.patch
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/013_tcp.patch

FreeBSD FreeBSD 4.8

FreeBSD tcp47.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-04:04/tcp47.patch

FreeBSD FreeBSD 4.9

FreeBSD tcp47.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-04:04/tcp47.patch

FreeBSD FreeBSD 5.2

FreeBSD tcp52.patch
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-04:04/tcp52.patch

SGI IRIX 6.5.22

SGI 5738
ftp://patches.sgi.com/support/free/security/patches/6.5.22/patch5738.t ar

SGI IRIX 6.5.23

SGI 5737
ftp://patches.sgi.com/support/free/security/patches/6.5.23/patch5737.t ar

SGI IRIX 6.5.24

SGI 5728
ftp://patches.sgi.com/support/free/security/patches/6.5.24/patch5728.t ar

SGI IRIX 6.5.25

SGI 5729
ftp://patches.sgi.com/support/free/security/patches/6.5.25/patch5729.t ar