CVE-2006-0433 Information

Description

Selective Acknowledgement (SACK) in FreeBSD 5.3 and 5.4 does not properly handle an incoming selective acknowledgement when there is insufficient memory which might allow remote attackers to cause a denial of service (infinite loop).

Reference

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:08.sack.asc http://secunia.com/advisories/18696 http://securityreason.com/securityalert/399 http://securitytracker.com/id?1015566 http://www.osvdb.org/22861 http://www.securityfocus.com/bid/16466 http://www.vupen.com/english/advisories/2006/0409 https://exchange.xforce.ibmcloud.com/vulnerabilities/24453