[VulnWatch] TCP reset vulnerability

From: Chris Wysopal (weld_at_vulnwatch.org)
Date: 04/20/04

Next message: Jelson Pat: "[VulnWatch] TCP/BGP EXPLOIT & Snort Signature"

Previous message: Wojciech Purczynski: "[VulnWatch] Linux kernel setsockopt MCAST_MSFILTER integer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 20 Apr 2004 12:01:57 -0500 (EST)
To: vulnwatch@vulnwatch.org

NISCC Vulnerability Advisory 236929

Vulnerability Issues in TCP

Version Information

Advisory Reference 236929
Release Date 20 April 2004
Last Revision 20 April 2004
Version Number 1.0

What is Affected?

The vulnerability described in this advisory affects implementations of
the Transmission Control Protocol (TCP) that comply with the Internet
Engineering Task Force.s (IETF.s) Requests For Comments (RFCs) for TCP,
including RFC 793, the original specification, and RFC 1323, TCP
Extensions for High Performance.

TCP is a core network protocol used in the majority of networked computer
systems today. Many vendors include support for this protocol in their
products and may be impacted to varying degrees. Furthermore any network
service or application that relies on a TCP connection will also be
impacted, the severity depending primarily on the duration of the TCP
session.

Full Advisory
http://www.uniras.gov.uk/vuls/2004/236929/index.htm

Next message: Jelson Pat: "[VulnWatch] TCP/BGP EXPLOIT & Snort Signature"

Previous message: Wojciech Purczynski: "[VulnWatch] Linux kernel setsockopt MCAST_MSFILTER integer overflow"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP
... NISCC Vulnerability Advisory 236929 ... Vulnerability Issues in TCP ... The issue described in this advisory is the practicability of resetting an established TCP connection by sending suitable TCP packets with the RST or SYN flags set. ... NISCC has produced best practice guidelines for BGP available at ...
(Bugtraq)
NISCC Vulnerability Advisory 236929: Vulnerability Issues in TCP (was Re: [Full-Disclosure] Core Int
... NISCC Vulnerability Advisory 236929 ... Vulnerability Issues in TCP ... established TCP connection by sending suitable TCP packets with the RST ...
(Full-Disclosure)
Re: [Full-Disclosure] Core Internet Vulnerable - News at 11:00
... NISCC Vulnerability Advisory 236929 ... Vulnerability Issues in TCP ... > attack on TCP BGP sessions? ...
(Full-Disclosure)
[NT] CitectSCADA ODBC Service Vulnerability
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... are distributed in over 80 countries through a network of more than 500 ... A vulnerability was found in CitectSCADA that could allow a remote ...
(Securiteam)
APC Security Advisory - Static factory password vulnerability
... APC Security Advisory - Static factory password vulnerability ... Customers with products that have APC's hardware-based network ... This advisory does not apply to any products based on Network ...
(Bugtraq)