• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Vendor TCP Session Acknowledgement Number Denial Of Service Vulnerability

Multiple Vendor TCP/IP stack implementations are reported prone to a denial of service vulnerability.

A report indicates that the vulnerability manifests when an erroneous TCP acknowledgement number is encountered in an active TCP session stream.

A successful attack may result in a degradation of the target connection, effectively denying service for legitimate users. Additionally, reports indicate that the computer being attacked may suffer CPU performance degradation, potentially denying service for local users too.