nanog mailing list archives

Re: Cisco Vulnerability in a Variant of the TCP Timestamps Option

From: trainier () kalsec com
Date: Thu, 19 May 2005 10:21:57 -0400

It's a little broader than just cisco equipment.
http://www.securityfocus.com/bid/13676



"Fergie (Paul Ferguson)" <fergdawg () netzero net> 
Sent by: owner-nanog () merit edu
05/19/2005 10:11 AM

To
nanog () merit edu
cc

Subject
Cisco Vulnerability in a Variant of the TCP Timestamps Option








Cisco yesterday reported a vulnerability with some implementations of the 
Transmission Control Protocol (TCP) Timestamps option (RFC1323) are 
vulnerable to a Denial of Service (DoS) attack from specifically crafted 
packets. Cisco also states that only certain implementations of the TCP 
Timestamps option are vulnerable.

The entire security alert can be found here:
http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml

- ferg

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

Current thread:

Cisco Vulnerability in a Variant of the TCP Timestamps Option Fergie (Paul Ferguson) (May 19)
- Re: Cisco Vulnerability in a Variant of the TCP Timestamps Option trainier (May 19)