FreeBSD Security Advisory FreeBSD-SA-05:15 – Two problems have been discovered in the FreeBSD TCP stack. First, when a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal “recent” timestamp for a connection. Second, a TCP packet with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/38381/FreeBSD-SA-05-15.tcp.txt
Source: https://packetstormsecurity.com/files/38381/FreeBSD-SA-05-15.tcp.txt.html