OSVDB ID: 4030 Title: TCP/IP Sequence Prediction Blind Reset Spoofing DoS |
Info |
|
|
Dates |
||||
|
|
Description |
The TCP stack implementation of numerous vendors contains a flaw that may allow a remote denial of service. The issue is triggered when spoofed TCP Reset packets are received by the targeted TCP stack, and will result in loss of availability for the attacked TCP services. |
Classification |
Location:
Local Access Required,
Remote/Network Access Required
Attack Type: Denial of Service, Hijacking, Infrastructure Impact: Loss of Availability Exploit: Exploit Available Disclosure: OSVDB Verified |
Solution |
Install vendor upgrades or patches to resolve this issue. Routers using BGP are highly recommended to implement RFC-2385 (BGP TCP MD5 Signatures) as a work-around. |
Products |
|
Credit |
|
paw.org - OSVDB