FreeBSD IPFW Me Point To Point Interface Address Addition Vulnerability

FreeBSD is a freely available BSD-based UNIX Operating System distributed and maintained by the FreeBSD Project.

When ipfw is used with the "me" identifier on a point to point interface, it may result in access to the local host by the remote end of the link. When the "me" identifier is used on the link, ipfw issues the same rules for the remote end of the link. This could allow unintended access to the local system by a remote host, and could lead to potential compromise of local resources.


Privacy Statement
Copyright 2010, SecurityFocus