Summary
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:13.ipfw.asc
Solution
Upgrade your system to the appropriate stable release or security branch dated after the correction date
https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-05:13.ipfw.asc
Insight
ipfw(8) is a system facility which allows IP packet filtering, redirecting, and traffic accounting. ipfw lookup tables are a way to specify many IP addresses which can be used for packet matching in an efficient manner.
The ipfw tables lookup code caches the result of the last query. The kernel may process multiple packets concurrently, performing several concurrent table lookups. Due to an insufficient locking, a cached result can become corrupted that could cause some addresses to be incorrectly matched against a lookup table.
Severity
Classification
-
CVE CVE-2005-2019 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities