Full Disclosure mailing list archives
Re: Vulnerability in TCP
From: Valdis.Kletnieks () vt edu
Date: Fri, 25 Jun 2010 21:14:08 -0400
On Fri, 25 Jun 2010 14:49:00 EDT, musnt live said:
TCP is called Transmission Control Protocol and it can be with easily testing spoofed.
Only if the vendor is Doing It Very Wrong. RFC1948 Defending Against Sequence Number Attacks. S. Bellovin. May 1996. (Format: TXT=13074 bytes) (Status: INFORMATIONAL) A few years later, Michal Zalewski wrote a paper about it: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.96.9652&rep=rep1&type=pdf And a year after that, a follow up: http://www.packetstormsecurity.org/papers/protocols/newtcp.htm The problem was known for a long time before that: R.T. Morris, "A Weakness in the 4.2BSD UNIX TCP/IP Software", CSTR 117, 1985, AT&T Bell Laboratories, Murray Hill, NJ. http://pdos.csail.mit.edu/~rtm/papers/117-abstract.html Any vendor still botching it in 2010 deserves to be mocked mercilessly.
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Vulnerability in TCP musnt live (Jun 25)
- Re: Vulnerability in TCP ☣frank^2 (Jun 25)
- Re: Vulnerability in TCP Valdis . Kletnieks (Jun 25)
- Re: Vulnerability in TCP Fernando Gont (Jun 26)