Network TCP Handler: stale socket disposal
John Mills
johnmills@speakeasy.net
Thu Aug 30 13:52:00 GMT 2007
Andrew -
On Wed, 29 Aug 2007, Andrew Lunn wrote:
> > Also, it may be the case that this
> > issue has been solved in the FreeBSD sources.
>
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/kern/uipc_socket.c#rev1.174
>
> Looks like there are a few race conditions......
What would you expect as consequences of closing a socket that remained on
the 'accept' queue?
I am fixing a specific, observed vulnerability in a product with limited
network functionality, a vulnerability triggered by some broadly used
administrative tools. I would certainly like to know more about related
hazards that may bite me.
Thanks.
John Mills
AirDefense, Inc.
Alpharetta, GA
More information about the Ecos-patches
mailing list