In association with heise online

06 April 2011, 09:44

NetBSD and FreeBSD patch hole in IPComp implementation

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Network logo A hole in the IPComp protocol implementation of certain operating systems can be exploited to compromise a server. IPComp is used for compressing individual IP datagrams mainly in conjunction with IPSec and other VPN technologies. According to Tavis Ormandy, certain embedded datagrams can cause a recursion after they have been unpacked, which results in a kernel stack overflow.

This reportedly allows attackers to inject arbitrary code into a system and, in all probability, execute it there. An attack could trigger a system crash even in the simplest of scenarios. Ormandy says that no previous authentication is required, and that attacks can also be launched using a forged sender address.

The IPSec stack implementations of NetBSD and FreeBSD, as well as such derivatives as the Darwin kernel, are affected. NetBSD and FreeBSD have released patches to fix the problem.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit