Full Disclosure mailing list archives

Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble

From: sullo () cirt net
Date: Fri, 23 Apr 2004 08:10:36 -0400

Quoting Kurt Seifried <listuser () seifried org>:

According to the Cisco presentation afterwards, Cisco's RST behavior makes
it non vulnerable as there is a wait period after a certain number of bad
RST packets are recieved. Thus Cisco IOS is basically not affected.


So, this advisory on Cisco's site is a hoax? It states:
"Products which contain a TCP stack are susceptible to this vulnerability. All
Cisco products and models are affected."

http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml


Regards,
Sullo



--

http://www.cirt.net/   |   http://www.osvdb.org/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

TCP Reset Attacks: Paper and Code Now Availble sullo (Apr 22)
- Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble Kurt Seifried (Apr 23)
  - Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble sullo (Apr 23)
  - Re: [VulnDiscuss] Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble Florian Weimer (Apr 23)
    - Re: [VulnDiscuss] Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble Kurt Seifried (Apr 23)
    - Re: Re: [VulnDiscuss] Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble Gregory A. Gilliss (Apr 23)