| Wednesday, September 24, 2003 |
14:41 - Good corporate citizen
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:14.arp.asc
|
(top)  |
Just got a bulletin from the FreeBSD-Security list, as periodically happens; this one's an ARP DOS attack, a potential liability against attackers on the LAN. It affects all flavors of BSD. Middling risk, though not if you've got a well-controlled data center. Worth noting and patching.
But here's what caught my eye:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-03:14.arp Security Advisory
The FreeBSD Project
Topic: denial of service due to ARP resource starvation
Category: core
Module: sys
Announced: 2003-09-23
Credits: Apple Product Security <product-security@apple.com>
Affects: All releases of FreeBSD
FreeBSD 4-STABLE prior to the correction date
Corrected: 2003-09-23 16:42:59 UTC (RELENG_4, 4.9-PRERELEASE)
2003-09-23 20:08:42 UTC (RELENG_5_1, 5.1-RELEASE-p6)
2003-09-23 20:07:06 UTC (RELENG_5_0, 5.0-RELEASE-p15)
2003-09-23 16:44:58 UTC (RELENG_4_8, 4.8-RELEASE-p8)
2003-09-23 16:47:34 UTC (RELENG_4_7, 4.7-RELEASE-p18)
2003-09-23 16:49:46 UTC (RELENG_4_6, 4.6-RELEASE-p21)
2003-09-23 16:51:24 UTC (RELENG_4_5, 4.5-RELEASE-p33)
2003-09-23 16:52:45 UTC (RELENG_4_4, 4.4-RELEASE-p43)
2003-09-23 16:54:39 UTC (RELENG_4_3, 4.3-RELEASE-p39)
FreeBSD only: NO
What, you mean Apple is acting as a proactive contributor to the BSD/UNIX community?! A commercial computer vendor specializing in making dumbed-down Fisher-Price computers for melonheads? Doing valuable work for open-source UNIXdom? Who'da thunk?
|
|
