Multiple.Vendor.TCP.Timestamp.Option.DoS
Description
This indicates a possible attempt to exploit a Denial of Service (DoS) vulnerability in multiple TCP implementations.
Multiple TCP implementations with "Protection Against Wrapped Sequence Numbers" (PAWS), and the timestamps option enabled, allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value. This causes the host to discard later packets because they appear to be too old.
Affected Products
OpenBSD 3.x
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Update to OpenBSD 3.7 or recent version
Upgrade to SCO Unixware 7.1.4 or recent version
Apply patch:
http://www.microsoft.com/technet/security/Bulletin/ms05-019.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-03-28 | 14.582 | Sig Added |