Cisco yesterday reported a vulnerability with some implementations of the Transmission Control Protocol (TCP) Timestamps option (RFC1323) are vulnerable to a Denial of Service (DoS) attack from specifically crafted packets. Cisco also states that only certain implementations of the TCP Timestamps option are vulnerable.
The entire security alert can be found here:
http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml
- ferg
It’s a little broader than just cisco equipment.
http://www.securityfocus.com/bid/13676
"Fergie (Paul Ferguson)" fergdawg@netzero.net
Sent by: owner-nanog@merit.edu
05/19/2005 10:11 AM
To
nanog@merit.edu
cc
Subject
Cisco Vulnerability in a Variant of the TCP Timestamps Option
Cisco yesterday reported a vulnerability with some implementations of the Transmission Control Protocol (TCP) Timestamps option (RFC1323) are vulnerable to a Denial of Service (DoS) attack from specifically crafted packets. Cisco also states that only certain implementations of the TCP Timestamps option are vulnerable.
The entire security alert can be found here:
http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml
- ferg
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg@netzero.net or fergdawg@sbcglobal.net
ferg's tech blog: http://fergdawg.blogspot.com/