FreeBSD ipfw ICMP IP fragment denial of service
| ipfw-icmp-fragment-dos (24073) |  Low Risk |
Description:
The ipfw packet filtering utility in FreeBSD is vulnerable to a denial of service attack. A remote attacker could send specially-crafted ICMP IP fragments to an affected system to cause the firewall to crash.
Platforms Affected:
- FreeBSD, FreeBSD 6.0
Remedy:
Refer to FreeBSD Security Advisory FreeBSD-SA-06:04.ipfw for patch or upgrade information. See References.
Consequences:
Denial of Service
References:
- FreeBSD Security Advisory FreeBSD-SA-06:04.ipfw , ipfw IP fragment denial of service at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:04.ipfw.asc.
- BID-16209: FreeBSD IPFW IP Fragment Remote Denial Of Service Vulnerability
- CVE-2006-0054: The ipfw firewall in FreeBSD 6.0-RELEASE allows remote attackers to cause a denial of service (firewall crash) via ICMP IP fragments that match a reset, reject or unreach action, which leads to an access of an uninitialized pointer.
- OSVDB ID: 22319: FreeBSD ipfw Layer 4 Tracking Fragmented IP Packet Remote DoS
- SA18378: FreeBSD ipfw IP Fragment Denial of Service Vulnerability
- SECTRACK ID: 1015477: FreeBSD ipfw Error in Processing IP Fragments May Let Remote Users Deny Service
Reported:
Jan 11, 2006
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net