NetBSD and FreeBSD patch hole in IPComp implementation
From http://www.h-online.com/security/new...n-1222399.html
Quote:
A hole in the IPComp protocol implementation of certain operating systems can be exploited to compromise a server. IPComp is used for compressing individual IP datagrams mainly in conjunction with IPSec and other VPN technologies. According to Tavis Ormandy, certain embedded datagrams can cause a recursion after they have been unpacked, which results in a kernel stack overflow.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|