> On 25 Feb 2015, at 12:24, Karl Pielorz <kpielorz_...@tdx.co.uk> wrote: > > > Hi, > > Presumably if you don't need IGMP, ipfw can be used to mitigate this on hosts > until they're patched / rebooted, i.e. > > ipfw add x deny igmp from any to any > > ?
This suggests that you can filter the traffic: Block incoming IGMP packets by protecting your host/networks with a firewall. (Quote from the SA). Br, Remko > > Thanks, > > -Karl > > ---------- Forwarded Message ---------- > Date: 25 February 2015 06:29 +0000 > From: FreeBSD Security Advisories <security-advisor...@freebsd.org> > To: FreeBSD Security Advisories <security-advisor...@freebsd.org> > Subject: FreeBSD Security Advisory FreeBSD-SA-15:04.igmp > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > =========================================================================== > == FreeBSD-SA-15:04.igmp Security > Advisory The > FreeBSD Project > > Topic: Integer overflow in IGMP protocol > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org" -- /"\ Best regards, | re...@freebsd.org \ / Remko Lodder | remko@EFnet X http://www.evilcoder.org/ | / \ ASCII Ribbon Campaign | Against HTML Mail and News
signature.asc
Description: Message signed with OpenPGP using GPGMail
