Need FreeBSD-SA-00:52(TCP uses weak initial sequence numbers) latest patch
Brahmanand Reddy
brahma.gdb at gmail.com
Fri Jan 12 01:20:47 UTC 2018
Hi Kurt,
Thanks a lot for responding to my mail.
> Please explain why you think this should be an issue for FreeBSD 10.2 ?
Currently I am using 10.2 and 10.4. I found this problem/vulnerability
still exists using the script below:
#!/usr/local/bin/python
import random
from scapy.all import *
# VARIABLES
src = str(input('IP SRC: '))
dst = str(input('IP DST: '))
sport = random.randint(1024,65535)
dport = int(input("DST PORT: "))
# SYN: first handshake attempt; the SYN-ACK carries the server's ISN
ip=IP(src=src,dst=dst)
SYN=TCP(sport=sport,dport=dport,flags='S',seq=random.randint(1024,1048576),
ack=0)
SYNACK=sr1(ip/SYN)
print('Seq1 Number is :',SYNACK[TCP].seq)  # ==> Seq1
# RST: abort the half-open connection
RST=TCP(sport=sport, dport=dport, flags='R', seq=SYNACK.ack, ack=0)
send(ip/RST)
# SYN: second attempt, same source and destination ports
SYN2=TCP(sport=sport,dport=dport,flags='S',seq=random.randint(1024,1048576),
ack=0)
SYNACK2=sr1(ip/SYN2)
print('Seq2 Number is :',SYNACK2[TCP].seq)  # ==> the same ISN number I observed/received.
I mean seq1=seq2, the TCP ISN is being reused.
I think the patch is available from 10.4 onwards, but I didn't find an
exact/similar patch at https://www.freebsd.org/security/patches/
It would be great to confirm what the corresponding latest patch is that
would solve this problem. Kindly correct me if I am missing anything.
Sincerely,
Brahma
On Thu, Jan 11, 2018 at 10:45 PM, Kurt Jaeger <pi at freebsd.org> wrote:
> Hi!
>
> > Please share the corresponding FreeBSD-SA-00:52(*TCP uses weak initial
> > sequence numbers*) latest patch.
> >
> > the original problem reported on :
> > https://www.freebsd.org/security/advisories/FreeBSD-SA-00%3A52.tcp-iss.asc
>
> That's a security announcement for FreeBSD 3.x to 5.x.
>
> Please explain why you think this should be an issue for FreeBSD 10.2 ?
>
> And, by the way: FreeBSD 10.2 is an old, no-longer supported version.
>
> https://www.freebsd.org/releases/
>
> lists which versions are still supported.
>
> --
> pi at FreeBSD.org +49 171 3101372 2 years to go !
>
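
An added example, not part of the original message or of FreeBSD's code: an offline helper that summarises a longer series of ISNs recorded with a script like the one in the message, so a two-sample comparison can be repeated over many handshakes with 32-bit wrap-around handled. The function name, verdict labels and sample values are assumptions constructed for illustration; a "varied" verdict only means no repeat or fixed step appeared in the sample.

```python
from collections import Counter

MOD = 2 ** 32  # TCP sequence numbers are 32-bit and wrap around


def analyse_isns(isns):
    """Summarise ISNs taken from successive SYN-ACKs of one host, in arrival order."""
    if len(isns) < 2:
        raise ValueError("need at least two ISN samples")
    # Forward distance between consecutive ISNs, modulo 2**32 to survive wrap-around.
    deltas = [(b - a) % MOD for a, b in zip(isns, isns[1:])]
    duplicates = len(isns) - len(set(isns))
    common_delta, common_count = Counter(deltas).most_common(1)[0]
    if all(d == 0 for d in deltas):
        verdict = "reused"              # every handshake returned the same ISN
    elif len(deltas) >= 2 and common_count == len(deltas):
        verdict = "constant-increment"  # fixed step between handshakes
    elif duplicates:
        verdict = "some-repeats"        # at least one ISN value seen twice
    else:
        verdict = "varied"              # no repeat or fixed step in this sample
    return {"samples": len(isns), "duplicates": duplicates,
            "most_common_delta": common_delta, "verdict": verdict}


# Constructed sample series (not captured from any real host).
SAMPLES = {
    "all equal": [305419896, 305419896, 305419896],
    "fixed step across wrap": [4294967000, 63704, 127704],
    "one repeat": [1000, 3000000000, 1000, 2222222222],
    "no pattern": [1000, 3000000000, 12345, 2222222222],
}

if __name__ == "__main__":
    for name, series in SAMPLES.items():
        print(name, analyse_isns(series))
```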