Release date:
Updated on:
Affected Systems:
FreeBSD 8.1
FreeBSD 8.0
FreeBSD 7.1
FreeBSD 7.0
Description:
--------------------------------------------------------------------------------
FreeBSD is a UNIX operating system and an important branch of Unix developed from BSD, javasbsd, and 4.4BSD.
FreeBSD has a security vulnerability in implementation. Malicious users can exploit this vulnerability to cause denial of service and control of affected systems.
This vulnerability is caused by an error in processing compressed IPComp loads. You can cause stack overflow by sending specially crafted packets to the affected server.
<* Source: Tavis Ormandy (taviso@gentoo.org)
Link: http://www.openwall.com/lists/oss-security/2011/04/01/1
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
NetBSD
------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.netbsd.org/Security/