=====================================================================
                                 CERT-Renater

                      Note d'Information No. 2004/VULN110
_____________________________________________________________________

DATE                      : 15/03/2004

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : OpenBSD.
                            
======================================================================

OpenBSD's TCP/IP stack did not impose a limit on how many out-of-order
TCP segments could be queued in the system.

If an attacker was allowed to connect to an open TCP port, he could send
out-of-order TCP segments and trick the system into using all available
memory buffers.  Packet handling would be impaired, and new connections
would fail until the attacking TCP connection is closed.
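The failure mode above is an unbounded per-connection reassembly queue: a peer that keeps sending segments beyond a hole it never fills makes the receiver hold every segment indefinitely. The following is an added illustration, not OpenBSD's tcp_reass code and not the patch referenced in this note. It models a reassembly queue with a hypothetical per-connection cap on the number of queued segments (the real resource is mbuf memory, and the actual limit value and policy are assumptions here), shows the vulnerable unbounded behaviour next to the bounded one, and shows that queued data drains normally once the hole is filled.

```c
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>

/* Hypothetical per-connection reassembly queue (illustration only). */
struct seg {
    uint32_t seq;
    uint32_t len;
    struct seg *next;
};

struct reass_queue {
    struct seg *head;   /* singly linked, sorted by seq */
    size_t nsegs;       /* segments currently held */
    size_t limit;       /* 0 = unbounded (vulnerable), otherwise the cap */
    size_t dropped;     /* segments refused because the cap was reached */
};

void reass_init(struct reass_queue *q, size_t limit)
{
    q->head = NULL; q->nsegs = 0; q->limit = limit; q->dropped = 0;
}

/* Queue an out-of-order segment.  Returns 1 if queued, 0 if refused.
 * A refused segment is simply lost here; the peer's retransmission
 * timer will resend it, so correctness is preserved and only the
 * attacker's memory amplification is removed. */
int reass_enqueue(struct reass_queue *q, uint32_t seq, uint32_t len)
{
    struct seg **pp;
    struct seg *s;

    if (q->limit != 0 && q->nsegs >= q->limit) {
        q->dropped++;
        return 0;
    }
    s = malloc(sizeof(*s));
    if (s == NULL)
        return 0;
    s->seq = seq;
    s->len = len;
    /* keep the list ordered by sequence number */
    for (pp = &q->head; *pp != NULL && (*pp)->seq < seq; pp = &(*pp)->next)
        ;
    s->next = *pp;
    *pp = s;
    q->nsegs++;
    return 1;
}

/* Hand contiguous data starting at rcv_nxt to the application and free
 * it; returns the new rcv_nxt.  Stops at the first hole. */
uint32_t reass_deliver(struct reass_queue *q, uint32_t rcv_nxt)
{
    while (q->head != NULL && q->head->seq == rcv_nxt) {
        struct seg *s = q->head;
        rcv_nxt += s->len;
        q->head = s->next;
        q->nsegs--;
        free(s);
    }
    return rcv_nxt;
}

void reass_free(struct reass_queue *q)
{
    while (q->head != NULL) {
        struct seg *s = q->head;
        q->head = s->next;
        free(s);
    }
    q->nsegs = 0;
}

/* Constructed scenario: the peer sends n 100-byte segments that all lie
 * past a hole at rcv_nxt and never fills it.  Returns how many segments
 * the receiver is still holding afterwards. */
size_t segments_held_with_unfilled_hole(size_t n, size_t limit)
{
    struct reass_queue q;
    uint32_t rcv_nxt = 1000;
    size_t held;

    reass_init(&q, limit);
    for (size_t i = 0; i < n; i++)
        reass_enqueue(&q, rcv_nxt + 100 + (uint32_t)i * 100, 100);
    held = q.nsegs;
    reass_free(&q);
    return held;
}

/* Constructed scenario: two segments arrive ahead of a hole, then the
 * hole is filled.  Returns rcv_nxt after delivery (queue drains fully). */
uint32_t rcv_nxt_after_hole_filled(void)
{
    struct reass_queue q;
    uint32_t rcv_nxt = 1000;

    reass_init(&q, 64);
    reass_enqueue(&q, 1100, 100);
    reass_enqueue(&q, 1200, 100);
    rcv_nxt = reass_deliver(&q, rcv_nxt);   /* still 1000: hole at 1000 */
    reass_enqueue(&q, 1000, 100);           /* hole filled */
    rcv_nxt = reass_deliver(&q, rcv_nxt);   /* 1000 -> 1300, queue empty */
    reass_free(&q);
    return rcv_nxt;
}

int main(void)
{
    printf("unbounded: %zu segments held\n",
           segments_held_with_unfilled_hole(10000, 0));
    printf("cap of 64: %zu segments held\n",
           segments_held_with_unfilled_hole(10000, 64));
    printf("rcv_nxt after hole filled: %u\n", rcv_nxt_after_hole_filled());
    return 0;
}
```

With `limit` set to 0 the queue grows with every segment the peer sends, which is the condition this note describes; with a cap the held count stays constant no matter how much the peer sends, and legitimate out-of-order data still reaches the application once the gap is filled.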

The problem is fixed in -current, 3.4-stable and 3.3-stable.

Patches are available at:

  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/013_tcp.patch
  ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/018_tcp.patch


======================================================================

        =========================================================
        CERT-Renater reference servers
        http://www.urec.fr/securite
        http://www.cru.fr/securite
        http://www.renater.fr
        =========================================================
        + CERT-RENATER          | tel : 01-53-94-20-44        +
        + 151 bd de l'Hopital   | fax : 01-53-94-20-41        +
        + 75013 Paris           | email: certsvp@renater.fr   +
        =========================================================
