Title: Multiple Vendor TCP/IP Implementations Vulnerability
Severity: MODERATE
Description:
On December 21/1998 the CERT Coordination Center released an advisory to announce a denial of service attack which affected some operating systems which relied on BSD derived TCP/IP stacks. While the advisory itself was remarkably vague inspection of the patches issued by the FreeBSD team seem to indicate the vulnerability was related to short packets with certian IP options set. The end result of such an attack resulted in the target box seizing up and ceasing active operation or in other instances a kernel panic and resulting reboot.
Affected Products:
- BSDI BSD/OS 3.1.0
- FreeBSD FreeBSD 1.1.5 .1
- FreeBSD FreeBSD 2.0.0
- FreeBSD FreeBSD 2.0.5
- FreeBSD FreeBSD 2.1.0
- FreeBSD FreeBSD 2.1.5
- FreeBSD FreeBSD 2.1.6
- FreeBSD FreeBSD 2.1.7 .1
- FreeBSD FreeBSD 2.2.2
- OpenBSD OpenBSD 2.2.0
- OpenBSD OpenBSD 2.3.0
- OpenBSD OpenBSD 2.4.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
