Results 1 to 3 of 3

Hybrid View

  1. #1
    Join Date
    May 2002
    Location
    Sweden
    Posts
    526

    TCP Vulnerability

    Don't know if this has been posted in another thread, it is pretty new and should have been released tomorrow, but Washington Post blew it..

    http://www.uniras.gov.uk/vuls/2004/236929/index.htm
    Last edited by Maximiliam; 04-20-2004 at 01:42 PM.
    I like to help

  2. #2
    Join Date
    Oct 2001
    Posts
    1,319
    I just read that and was about to post it... what does this mean for people running servers? Do I need to update linux/windows with a new tcp stack or does this only effect routers/bgp sessions?

    Is this something that can knock down any server or just specific services (such as DNS, bgp, ssl as indicated in the advisory)
    Avi B

  3. #3
    Join Date
    Jun 2003
    Posts
    673
    Mirror at http://securityfocus.com/archive/1/3...7/2004-04-23/0

    This means that remote attackers may be able to close established TCP connections if they know the source and destination IP addresses and port numbers. It doesn't appear to me that this should cause any (direct) concern to people running web-hosting servers. You should worry more about what your upstream is doing to protect their routers from it. :)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •