“FreeBSD Security Advisory FreeBSD-SA-04:04.tcp” was released, so I updated two servers at a certain site to FreeBSD 4.9-STABLE as of today.
Its "III. Impact" section reads as follows, so this looks pretty bad...
A remote attacker may conduct a low-bandwidth denial-of-service attack against a machine providing services based on TCP (there are many such services, including HTTP, SMTP, and FTP). By sending many out-of-sequence TCP segments, the attacker can cause the target machine to consume all available memory buffers (``mbufs''), likely leading to a system crash.