Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

FreeBSD Security Advisory (FreeBSD-SA-02:20.syncache.asc)

Information

Severity

Severity

Critical

Family

Family

FreeBSD Local Security Checks

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

4 years ago

Summary

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-02:20.syncache.asc

Insight

Insight

The SYN cache (syncache) and SYN cookie mechanism (syncookie) are features of the TCP/IP stack intended to improve resistance to a class of denial of service attacks known as SYN floods. Two related problems with syncache were triggered when syncookies were implemented. 1) When a SYN was accepted via a syncookie, it used an uninitialized pointer to find the TCP options for the new socket. This pointer may be a null pointer, which will cause the machine to crash. 2) A syncache entry is created when a SYN arrives on a listen socket. If the application which created the listen socket was killed and restarted --- and therefore recreated the listen socket with a different inpcb --- an ACK (or duplicate SYN) which later arrived and matched the existing syncache entry would cause a reference to the old inpcb pointer. Depending on the pointer's contents, this might result in a system crash. Because syncache/syncookies support was added prior to the release of FreeBSD 4.5-RELEASE, no other releases are affected.

Solution

Solution

Upgrade your system to the appropriate stable release or security branch dated after the correction date https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-02:20.syncache.asc