Vulnwatch mailing list archives

TCP reset vulnerability


From: Chris Wysopal <weld () vulnwatch org>
Date: Tue, 20 Apr 2004 12:01:57 -0500 (EST)


NISCC Vulnerability Advisory 236929

Vulnerability Issues in TCP


Version Information

Advisory Reference 236929
Release Date 20 April 2004
Last Revision 20 April 2004
Version Number 1.0


What is Affected?

The vulnerability described in this advisory affects implementations of
the Transmission Control Protocol (TCP) that comply with the Internet
Engineering Task Force.s (IETF.s) Requests For Comments (RFCs) for TCP,
including RFC 793, the original specification, and RFC 1323, TCP
Extensions for High Performance.

TCP is a core network protocol used in the majority of networked computer
systems today. Many vendors include support for this protocol in their
products and may be impacted to varying degrees. Furthermore any network
service or application that relies on a TCP connection will also be
impacted, the severity depending primarily on the duration of the TCP
session.

Full Advisory
http://www.uniras.gov.uk/vuls/2004/236929/index.htm


Current thread: