February 18th, 2004, 11:37
BM_207650 - MEDIUM - Vulnerability - Version: 1 2/18/2004@03:47:29 GMT
Initial report
FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability (iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS) vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers to launch a DoS attack.

By sending many out-of-sequence packets, a low bandwidth denial of service attack is possible against FreeBSD. When the targeted system runs out of memory buffers (mbufs), it is no longer able to accept or create new connections.

Analysis: (iDEFENSE US) Exploitation of this vulnerability requires that the targeted system has at least one open TCP port.

The DoS will last until the port is closed, either by the attacker or the target machine.

Detection: iDEFENSE has confirmed this vulnerability exists in FreeBSD 5.1 (default install from media). It is expected that it also exists in earlier versions.

Exploit: iDEFENSE has proof of concept exploit code demonstrating the impact of this vulnerability.

Vulnerability Types: Design Error - Denial of Service
Prevalence and Popularity: Almost always
Evidence of Active Exploitation or Probing: No known exploitation or spike in probing
Ease of Exploitation: Remotely Exploitable
Existence and Availability of Exploit Code: An Exploit exists and is closely traded.
Vulnerability Consequence: Availability