VU#464113 - TCP/IP implementations handle unusual flag combinations inconsistently


This may be old news to many, but I wanted to follow-up to the message I
sent last October on this subject:


We have now published information about this issue here:


We also have a few reports of possible exploitation.

If you have feedback, please send mail to with VU#464113 in
the subject header.

Thanks to the NANOG community for prior feedback on this issue.


Ian Finlay
Internet Systems Security Analyst - CERT/CC Operations
Networked Systems Survivability Program