Wednesday, September 24, 2003 |
14:41 - Good corporate citizen
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:14.arp.asc
|
(top) |
Just got a bulletin from the FreeBSD-Security list, as periodically happens; this one's an ARP DOS attack, a potential liability against attackers on the LAN. It affects all flavors of BSD. Middling risk, though not if you've got a well-controlled data center. Worth noting and patching.
But here's what caught my eye:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
============================================================================= FreeBSD-SA-03:14.arp Security Advisory The FreeBSD Project
Topic: denial of service due to ARP resource starvation
Category: core Module: sys Announced: 2003-09-23 Credits: Apple Product Security <product-security@apple.com> Affects: All releases of FreeBSD FreeBSD 4-STABLE prior to the correction date Corrected: 2003-09-23 16:42:59 UTC (RELENG_4, 4.9-PRERELEASE) 2003-09-23 20:08:42 UTC (RELENG_5_1, 5.1-RELEASE-p6) 2003-09-23 20:07:06 UTC (RELENG_5_0, 5.0-RELEASE-p15) 2003-09-23 16:44:58 UTC (RELENG_4_8, 4.8-RELEASE-p8) 2003-09-23 16:47:34 UTC (RELENG_4_7, 4.7-RELEASE-p18) 2003-09-23 16:49:46 UTC (RELENG_4_6, 4.6-RELEASE-p21) 2003-09-23 16:51:24 UTC (RELENG_4_5, 4.5-RELEASE-p33) 2003-09-23 16:52:45 UTC (RELENG_4_4, 4.4-RELEASE-p43) 2003-09-23 16:54:39 UTC (RELENG_4_3, 4.3-RELEASE-p39) FreeBSD only: NO
What, you mean Apple is acting as a proactive contributor to the BSD/UNIX community?! A commercial computer vendor specializing in making dumbed-down Fisher-Price computers for melonheads? Doing valuable work for open-source UNIXdom? Who'da thunk?
|
|