Andrew - On Wed, 29 Aug 2007, Andrew Lunn wrote:
> > Also, it may be the case that this > > issue has been solved in the FreeBSD sources. > > http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/kern/uipc_socket.c#rev1.174 > > Looks like there are a few race conditions...... What would you expect as consequences of closing a socket that remained on the 'accept' queue? I am fixing a specific, observed vulnerability in a product with limited network functionality, a vulnerability triggered by some broadly used administrative tools. I would certainly like to know more about related hazards that may bite me. Thanks. John Mills AirDefense, Inc. Alpharetta, GA
