> On 25 Feb 2015, at 12:24, Karl Pielorz <[email protected]> wrote: > > > Hi, > > Presumably if you don't need IGMP, ipfw can be used to mitigate this on hosts > until they're patched / rebooted, i.e. > > ipfw add x deny igmp from any to any > > ?
This suggests that you can filter the traffic: Block incoming IGMP packets by protecting your host/networks with a firewall. (Quote from the SA). Br, Remko > > Thanks, > > -Karl > > ---------- Forwarded Message ---------- > Date: 25 February 2015 06:29 +0000 > From: FreeBSD Security Advisories <[email protected]> > To: FreeBSD Security Advisories <[email protected]> > Subject: FreeBSD Security Advisory FreeBSD-SA-15:04.igmp > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > =========================================================================== > == FreeBSD-SA-15:04.igmp Security > Advisory The > FreeBSD Project > > Topic: Integer overflow in IGMP protocol > > _______________________________________________ > [email protected] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "[email protected]" -- /"\ Best regards, | [email protected] \ / Remko Lodder | remko@EFnet X http://www.evilcoder.org/ | / \ ASCII Ribbon Campaign | Against HTML Mail and News
signature.asc
Description: Message signed with OpenPGP using GPGMail
