DoS through TCP sequence number vulnerability

SecurityFocus is reporting that multiple vendors are affected by a newly found design flaw in common TCP implementations.  The flaw allows remote attackers to effectively end a TCP session by sending an RST or SYN packet with an approximated TCP sequence number and a forged source IP address.  This would reset the TCP connection and effectively cause a denial of service attack.  Microsoft is one of a long list of vendors on the affected list so you can bet the eggheads at SlashNot are going to highlight their name among them all.

Be Sociable, Share!

    One Thought on “DoS through TCP sequence number vulnerability

    1. somehow that exploit seems like old news … years old … or is this a new flavor?

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Post Navigation