A logic error in the IP fragment cache functionality in pf in FreeBSD 5.3, 5.4, and 6.0, and OpenBSD, when a 'scrub fragment crop' or 'scrub fragment drop-ovl' rule is being used, allows remote malicious users to cause a denial of service (crash) via crafted packets that cause a packet fragment to be inserted twice.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 5.3 |
||
freebsd freebsd 6.0 |
||
freebsd freebsd 5.4 |