Full Disclosure mailing list archives
Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble
From: sullo () cirt net
Date: Fri, 23 Apr 2004 08:10:36 -0400
Quoting Kurt Seifried <listuser () seifried org>:
According to the Cisco presentation afterwards, Cisco's RST behavior makes it non vulnerable as there is a wait period after a certain number of bad RST packets are recieved. Thus Cisco IOS is basically not affected.
So, this advisory on Cisco's site is a hoax? It states: "Products which contain a TCP stack are susceptible to this vulnerability. All Cisco products and models are affected." http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml Regards, Sullo -- http://www.cirt.net/ | http://www.osvdb.org/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- TCP Reset Attacks: Paper and Code Now Availble sullo (Apr 22)
- Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble Kurt Seifried (Apr 23)
- Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble sullo (Apr 23)
- Re: [VulnDiscuss] Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble Florian Weimer (Apr 23)
- Re: [VulnDiscuss] Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble Kurt Seifried (Apr 23)
- Re: Re: [VulnDiscuss] Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble Gregory A. Gilliss (Apr 23)
- Re: [VulnWatch] TCP Reset Attacks: Paper and Code Now Availble Kurt Seifried (Apr 23)