[ipv6hackers] funny FreeBSD bug
Marc Heuse
mh at mh-sec.de
Thu Jul 26 17:35:43 CEST 2012
I found a funny bug in freebsd (9.0 with all updates):
if you send an ICMP toobig message to it with a too low MTU size,
FreeBSD will prepend any packet data with an one-shot fragment (or
atomic fragment as Fernando calls it).
IPv6Hdr
Frag Hdr Offset 0, No more Frags Bit set
ICMP6/TCP/UDP
to test with the thc-ipv6 package (v1.9):
toobig6 eth1 freebsd-ipv6-addr your-ipv6-addr 68
Greets,
Marc
--
Marc Heuse
www.mh-sec.de
PGP: FEDD 5B50 C087 F8DF 5CB9 876F 7FDD E533 BF4F 891A
More information about the Ipv6hackers
mailing list