On 1/26/06, Will H. Backman <[EMAIL PROTECTED]> wrote: > "By sending carefully crafted sequence of IP packet fragments, a remote > attacker can cause a system running pf with a ruleset containing a > 'scrub fragment crop' or 'scrub fragment drop-ovl' rule to crash." > > 1: Has this been verified to actually cause a panic on OpenBSD, or did > OpenBSD just add the fixes to pf in CVS for the benefit of other > operating systems?
the first. > 2: How common is the use of those rules? that's kinda hard to determine. i don't use them (but i don't use pf).
