FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

many out-of-sequence TCP packets denial-of-service

Affected systems
5.2 <= FreeBSD < 5.2.1_2
5.0 <= FreeBSD < 5.1_15
4.9 <= FreeBSD < 4.9_3
4.8 <= FreeBSD < 4.8_16
FreeBSD < 4.7_26

Details

VuXML ID e289f7fd-88ac-11d8-90d1-0020ed76ef5a
Discovery 2004-02-18
Entry 2004-04-07
Modified 2004-05-05

FreeBSD does not limit the number of TCP segments that may be held in a reassembly queue. A remote attacker may conduct a low-bandwidth denial-of-service attack against a machine providing services based on TCP (there are many such services, including HTTP, SMTP, and FTP). By sending many out-of-sequence TCP segments, the attacker can cause the target machine to consume all available memory buffers ("mbufs"), likely leading to a system crash.
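
The following is an added example, not FreeBSD code and not taken from the advisory: a simplified user-space model of one connection's reassembly queue, showing how buffered segments grow without bound behind a sequence gap and how a per-queue cap bounds them. The names `reass_input`, `reass_simulate`, `REASS_MAX` and `SEG_LEN` are hypothetical, the cap value is arbitrary, and overlapping segments are not modelled.

```c
#include <stdint.h>
#include <stdlib.h>

/* Simplified model of one connection's TCP reassembly queue; not FreeBSD code.
 * REASS_MAX is a hypothetical cap chosen for this example. */
#define REASS_MAX 8
#define SEG_LEN   100u

struct seg { uint32_t seq, len; struct seg *next; };
struct reass_q { uint32_t rcv_nxt; unsigned held; struct seg *head; };

/* Returns 1 if the segment was delivered or buffered, 0 if it was dropped. */
int reass_input(struct reass_q *q, uint32_t seq, uint32_t len, int limit)
{
    if (seq == q->rcv_nxt) {                 /* in order: deliver it ...      */
        q->rcv_nxt += len;
        while (q->head && q->head->seq == q->rcv_nxt) { /* ... then drain    */
            struct seg *s = q->head;
            q->rcv_nxt += s->len;
            q->head = s->next;
            q->held--;
            free(s);
        }
        return 1;
    }
    if ((int32_t)(seq - q->rcv_nxt) < 0) return 0;       /* already received  */
    if (limit && q->held >= REASS_MAX) return 0;         /* cap: peer resends */
    struct seg **pp = &q->head;                          /* keep list sorted  */
    while (*pp && (int32_t)((*pp)->seq - seq) < 0) pp = &(*pp)->next;
    if (*pp && (*pp)->seq == seq) return 0;              /* duplicate         */
    struct seg *s = malloc(sizeof *s);
    if (!s) return 0;
    s->seq = seq; s->len = len; s->next = *pp;
    *pp = s;
    q->held++;
    return 1;
}

/* Feed n segments that all sit beyond a gap at sequence 0, optionally fill the
 * gap, and return how many segments are still buffered afterwards. */
unsigned reass_simulate(int limit, unsigned n, int fill_gap)
{
    struct reass_q q = { 0, 0, NULL };
    for (unsigned i = 1; i <= n; i++) reass_input(&q, i * SEG_LEN, SEG_LEN, limit);
    if (fill_gap) reass_input(&q, 0, SEG_LEN, limit);
    unsigned held = q.held;
    while (q.head) { struct seg *s = q.head; q.head = s->next; free(s); }
    return held;
}
```

In the model, each buffered segment stands in for kernel buffer memory that stays allocated until the missing data arrives; with the cap enabled, excess segments are dropped and a legitimate peer recovers through ordinary retransmission.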

References

CVE Name CVE-2004-0171
FreeBSD Advisory SA-04:04.tcp
URL http://www.idefense.com/application/poi/display?id=78&type=vulnerabilities