Test Kennung:	1.3.6.1.4.1.25623.1.0.52634
Kategorie:	FreeBSD Local Security Checks
Titel:	FreeBSD Security Advisory (FreeBSD-SA-02:20.syncache.asc)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-02:20.syncache.asc The SYN cache (syncache) and SYN cookie mechanism (syncookie) are features of the TCP/IP stack intended to improve resistance to a class of denial of service attacks known as SYN floods. Two related problems with syncache were triggered when syncookies were implemented. 1) When a SYN was accepted via a syncookie, it used an uninitialized pointer to find the TCP options for the new socket. This pointer may be a null pointer, which will cause the machine to crash. 2) A syncache entry is created when a SYN arrives on a listen socket. If the application which created the listen socket was killed and restarted --- and therefore recreated the listen socket with a different inpcb --- an ACK (or duplicate SYN) which later arrived and matched the existing syncache entry would cause a reference to the old inpcb pointer. Depending on the pointer's contents, this might result in a system crash. Because syncache/syncookies support was added prior to the release of FreeBSD 4.5-RELEASE, no other releases are affected. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date http://www.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-02:20.syncache.asc
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.