Описание
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-4609
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340
- https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html
- http://blog.robertlee.name/2008/10/conjecture-speculation.html
- http://insecure.org/stf/tcp-dos-attack-explained.html
- http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html
- http://marc.info/?l=bugtraq&m=125856010926699&w=2
- http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml
- http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html
- http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
- http://www.outpost24.com/news/news-2008-10-02.html
- http://www.us-cert.gov/cas/techalerts/TA09-251A.html
EPSS
CVE ID
Связанные уязвимости
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, ...
EPSS