FreeBSD ppp deny_incoming

2000-11-14T00:00:00
ID OSVDB:1655
Type osvdb
Reporter Robin Melville(robmel@innotts.co.uk)
Modified 2000-11-14T00:00:00

Description

Vulnerability Description

FreeBSD contains a flaw that may allow a malicious user to bypass the nat gateway. The issue was triggered because code was added to permit certain types of data through the nat gateway. It is possible that the flaw may allow all traffic to pass through, despite the "deny_incoming" directive, resulting in a loss of integrity.

Solution Description

Upgrade to version FreeBSD system to 4.1.1-STABLE or 3.5.1-STABLE after the respective correction dates, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): use a true packet filter such as ipfw(8) or ipf(8) on the PPP gateway to deny incoming traffic according to the desired security policy.

Also, FreeBSD has released a patch.

Short Description

FreeBSD contains a flaw that may allow a malicious user to bypass the nat gateway. The issue was triggered because code was added to permit certain types of data through the nat gateway. It is possible that the flaw may allow all traffic to pass through, despite the "deny_incoming" directive, resulting in a loss of integrity.

References:

Vendor URL: http://www.freebsd.org Vendor Specific Advisory URL ISS X-Force ID: 5584 CVE-2000-1167 Bugtraq ID: 1974