What's the status of this vulnerability with NetBSD?  CERT lists NetBSD as
"unknown", notified March 9, 2005.  Both FreeBSD and OpenBSD are listed as
"vulnerable".

-------------------
  http://www.kb.cert.org/vuls/id/637934

  TCP does not adequately validate segments before updating timestamp value

  Overview

  Certain TCP implementations may allow a remote attacker to arbitrarily
  modify host timestamp values, leading to a denial-of-service condition.

  I. Description

  The Transmission Control Protocol (TCP) is defined in RFC 793 as a means to
  provides reliable host-to-host transmission between hosts in a
  packet-switched computer networks. RFC 1323 introduced techniques to
  increase the performance of TCP. Two such techniques are TCP timestamps and
  Protection Against Wrapped Sequence Numbers (PAWS).