FreeBSD : FreeBSD -- TCP MD5 signature denial of service (79dfc135-600a-11e6-a6c3-14dae9d210b8)
High Nessus Plugin ID 92918
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionA programming error in processing a TCP connection with both TCP_MD5SIG and TCP_NOOPT socket options may lead to kernel crash.
Impact : A local attacker can crash the kernel, resulting in a denial-of-service.
A remote attack is theoretically possible, if server has a listening socket with TCP_NOOPT set, and server is either out of SYN cache entries, or SYN cache is disabled by configuration.
SolutionUpdate the affected packages.