nanog mailing list archives

Cisco Vulnerability in a Variant of the TCP Timestamps Option

From: "Fergie (Paul Ferguson)" <fergdawg () netzero net>
Date: Thu, 19 May 2005 14:11:03 GMT



Cisco yesterday reported a vulnerability with some implementations of the Transmission Control Protocol (TCP) 
Timestamps option (RFC1323) are vulnerable to a Denial of Service (DoS) attack from specifically crafted packets. Cisco 
also states that only certain implementations of the TCP Timestamps option are vulnerable.

The entire security alert can be found here:
http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml

- ferg

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

Current thread:

Cisco Vulnerability in a Variant of the TCP Timestamps Option Fergie (Paul Ferguson) (May 19)
- Re: Cisco Vulnerability in a Variant of the TCP Timestamps Option trainier (May 19)