Security experts at the FreeBSD Project, the open-source operating system group, are asking users to patch their systems against a memory buffer vulnerability that opens the doors to a distributed denial of service
iDEFENSE originally discovered the exploit Jan. 22 and contacted the organization about the vulnerability, which attacks open TCP
According to the security advisory, the DDoS will continue until all ports on the machine are closed, either by the exploiter or the network administrator.
According to the FreeBSD Project, the vulnerability affects all versions of the operating system, and it recommends that users either upgrade to 4-STABLE, RELENG_5_2, RELENG_4_9 or RELENG_4_8, or patch their present system. For FreeBSD 5.2, download the patches here and here, and for versions 4.8 and 4.9, here and here.
Until FreeBSD systems have been patched, iDEFENSE officials said administrators can “mitigate some denial-of-service attacks by implementing timeouts at the application level.”
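The interim advice above is an application-level timeout: a server that stops waiting on a silent peer after a bounded interval releases that connection's resources instead of holding them indefinitely. The following C program is an added illustration of that idea, not code from the advisory, iDEFENSE or the FreeBSD Project. It assumes a POSIX socket API (SO_RCVTIMEO/SO_SNDTIMEO) and uses a socketpair as a constructed stand-in for a client connection so it runs offline; the function names are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Apply an idle timeout to a connected socket so that a peer which goes
 * silent cannot hold the connection (and the buffers behind it) forever. */
int set_idle_timeout(int fd, int millis)
{
    struct timeval tv = { .tv_sec = millis / 1000,
                          .tv_usec = (millis % 1000) * 1000 };
    if (setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv) != 0)
        return -1;
    if (setsockopt(fd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof tv) != 0)
        return -1;
    return 0;
}

/* Read with the idle timeout in force.
 * Returns bytes read, 0 on orderly close, -1 on error, -2 on timeout. */
ssize_t read_with_timeout(int fd, char *buf, size_t len)
{
    ssize_t n = recv(fd, buf, len, 0);
    if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK))
        return -2;
    return n;
}

/* Self-check: the constructed "client" end (sv[1]) sends nothing, so the
 * server side (sv[0]) must give up after the timeout instead of blocking.
 * Returns 1 if the timeout fired as intended, 0 otherwise. */
int timeout_fires_on_silent_peer(int millis)
{
    int sv[2];
    char buf[16];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return 0;
    int ok = set_idle_timeout(sv[0], millis) == 0
          && read_with_timeout(sv[0], buf, sizeof buf) == -2;
    close(sv[0]);
    close(sv[1]);
    return ok;
}

/* Converse check: a peer that does send data is served normally. */
int data_arrives_before_timeout(int millis)
{
    int sv[2];
    char buf[16];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return 0;
    int ok = set_idle_timeout(sv[0], millis) == 0
          && send(sv[1], "GET /", 5, 0) == 5
          && read_with_timeout(sv[0], buf, sizeof buf) == 5;
    close(sv[0]);
    close(sv[1]);
    return ok;
}

int main(void)
{
    printf("silent peer times out: %d\n", timeout_fires_on_silent_peer(200));
    printf("talkative peer served: %d\n", data_arrives_before_timeout(200));
    return 0;
}
```

A timeout like this bounds how long each connection can tie up the application's resources; as the article notes, it is a stopgap until the kernel patch is applied, not a replacement for it.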
Outside of pure FreeBSD, the only other operating system that could be impacted is Apple’s Mac OS X 1.3x code-named Panther, which features some FreeBSD 5 code in its Darwin architecture. A representative from Apple told internetnews.com the company was checking into the advisory but could not say if Panther systems would need a patch or an upgrade.
This is the second flaw found in the FreeBSD OS in less than a week. On Friday the Group issued a warning of a programming error in the “jail_attach” system call. The error affects the way that system call verifies the privilege level of the calling process. Instead of failing immediately if the calling process was already jailed, the Group said the affected jail_attach system call would fail only after changing the calling process’s root directory.
Unlike the DDoS vulnerability, this one appears to have no workaround; administrators of systems at risk are advised to upgrade to 5.2.1-RELEASE, or to the RELENG_5_2 or RELENG_5_1 security branch dated after the correction date.
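The jail_attach problem described above is a check-ordering defect: a privilege check that runs after a state change lets the call fail while still leaving its side effect behind. The C program below is an added model of that pattern, written for this page; it is not FreeBSD's jail code and does not reproduce its data structures. The `struct proc`, `struct jail` and both `jail_attach_*` functions are hypothetical simplifications, with the buggy variant changing the root directory before checking whether the caller is already jailed, and the fixed variant checking first.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical, simplified process record (not FreeBSD's struct proc). */
struct proc {
    int jailed;          /* non-zero if the process is already in a jail */
    char rootdir[64];    /* current root directory of the process */
};

/* Hypothetical jail record: just the directory the jail confines to. */
struct jail {
    char path[64];
};

static void set_root(struct proc *p, const char *path)
{
    strncpy(p->rootdir, path, sizeof p->rootdir - 1);
    p->rootdir[sizeof p->rootdir - 1] = '\0';
}

/* Buggy ordering, modelled on the advisory's description: the root
 * directory is changed first and the "already jailed" check runs after,
 * so a jailed caller receives an error yet keeps the new root. */
int jail_attach_buggy(struct proc *p, const struct jail *j)
{
    set_root(p, j->path);          /* side effect happens unconditionally */
    if (p->jailed)
        return EPERM;              /* too late: root already changed */
    p->jailed = 1;
    return 0;
}

/* Corrected ordering: validate the caller before touching any state. */
int jail_attach_fixed(struct proc *p, const struct jail *j)
{
    if (p->jailed)
        return EPERM;              /* fail before any change is made */
    set_root(p, j->path);
    p->jailed = 1;
    return 0;
}

/* Exercise a variant from an already-jailed process (constructed state).
 * Returns 1 if the call was refused AND the root directory is unchanged,
 * which is the behaviour a correct privilege check must guarantee. */
int root_preserved_on_failure(int (*variant)(struct proc *, const struct jail *))
{
    struct proc p = { .jailed = 1 };
    set_root(&p, "/jails/a");
    struct jail other = { .path = "/jails/b" };
    int rc = variant(&p, &other);
    return rc == EPERM && strcmp(p.rootdir, "/jails/a") == 0;
}

int main(void)
{
    printf("buggy variant keeps root intact on failure: %d\n",
           root_preserved_on_failure(jail_attach_buggy));
    printf("fixed variant keeps root intact on failure: %d\n",
           root_preserved_on_failure(jail_attach_fixed));
    return 0;
}
```

The general lesson is the one reviewers apply to any privileged operation: every check that can reject the call belongs before the first irreversible state change, so a rejected call leaves the process exactly as it found it.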