Openbsd Denial Of Service

oxydrine

Jan 13 2005, 12:00 PM

A vulnerability has been reported in OpenBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the TCP stack when calculating TCP retransmission timeouts. This can be exploited to crash the system by sending some specially crafted packets with specific values in the TCP timestamp option.

Patches

OpenBSD 3.6:
ftp://ftp.openbsd.org/pub/OpenBSD/patches...n/010_rtt.patch

OpenBSD 3.5:
ftp://ftp.openbsd.org/pub/OpenBSD/patches...n/027_rtt.patch

more info : http://secunia.com/advisories/13819/

++

This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.