Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    US Cert Vulnerability Note #464113 - TCP SYN (FIN)

    Scheduled Pinned Locked Moved Firewalling
    1 Posts 1 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      jmcentire
      last edited by

      This is old, so I am sure it is taken care of, but since freebsd is listed as unknown I need to find out for sure(so I can mark it off the list for the auditors).

      http://www.kb.cert.org/vuls/id/464113

      Here is the summary from the vulnerability scan:
      The remote host does not discard TCP SYN packets which have the FIN flag set. Depending on the kind of firewall you are using, an attacker may use this flaw to bypass its rules.

      Could someone confirm for me that pfsense/freebsd is not vulnerable to this?

      Thanks

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.