Japan IPA has disclosed the following vulnerability report on DDoS possibilities regarding the BSD Net/2 TCP Timer implementation. The report says FreeBSD 5.4 is vulnerable and *BSD OSes have possibilities to be attacked.
IPA says the assigned CVE number is CVE-2014-7250.
A release of necessary patches from the FreeBSD Security Team ASAP is appreciated.
(Note that this information does not specify the vulnerable versions of the FreeBSD OS, so I set the version to 10.1-RELEASE just as a placeholder.)
MARKED AS SPAM