Vigil@nce: FreeBSD 8.0, denials of service
January 2010 by Vigil@nce
A local or remote attacker can use several denials of service of
FreeBSD 8.0, in order to stop the system.
– Severity: 2/4
– Consequences: denial of service of computer
– Provenance: user shell
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Number of vulnerabilities in this bulletin: 7
– Creation date: 07/01/2010
IMPACTED PRODUCTS
– FreeBSD
DESCRIPTION OF THE VULNERABILITY
Seven denials of service were announced in FreeBSD 8.0.
A malicious NFS client can slow down connections of new users.
[grav:2/4]
A local attacker can try to modify a file on a read-only ZFS
filesystem, in order to panic the system. [grav:1/4]
A local attacker can use a mac_biba/mac_mls MAC policy on a ZFS
filesystem, in order to panic the system. [grav:1/4]
An attacker can send IGMP multicast packets for a group not joint,
in order to stop the system. [grav:2/4]
An attacker can send IGMP multicast packets to forward, in order
to stop the system. [grav:2/4]
An attacker can send a SCTP Shutdown message with an invalid
Transmission Sequence Number, in order to stop the system.
[grav:2/4]
A local attacker can call the rename() function with a filename
ending with "/.", in order to stop the system. [grav:1/4]
A local or remote attacker can therefore stop the system.
CHARACTERISTICS
– Identifiers: FreeBSD-EN-10:01.freebsd, VIGILANCE-VUL-9324
– Url: http://vigilance.fr/vulnerability/FreeBSD-8-0-denials-of-service-9324