tcp,guardent,bellovin

More or less. When doing a sequence number guessing attack, one of the
problems faced by the attacker is preventing the spoofed machine from
replying with an RST to the SYN+ACK for a connection it knows nothing
about. Morris's original version used a low-rate SYN flood that
exploited a bug in the BSD kernel to effectively gag a low-numbered
port. His paper can be found at
ftp://ftp.research.att.com/dist/internet_security/117.ps.Z
This isn't the same weakness that was exploited by the early SYN
floods, but it took advantage of the same limit on half-open
connections.

    --Steve Bellovin, http://www.research.att.com/~smb