Multiple Vendor TCP Timestamp PAWS Remote Denial Of Service Vulnerability

Multiple Vendor TCP Timestamp PAWS Remote Denial Of Service Vulnerability

References:

ASA-2005-148 - TCP does not validate segments before updating timestamp (Avaya)
ASA-2006-032 - TCP Denial of Service Vulnerability(SCOSA-2005.64) (Avaya)
AX-VU2005-02 : TCP does not adequately validate segments before updating timesta (ALAXALA Networks)
Cisco Security Notice: Vulnerability in a Variant of the TCP Timestamps Option (Cisco)
CVS log for src/sys/netinet/tcp_input.c (FreeBSD)
Handle an edge condition in tcp(4) timestamps. (OpenBSD)
Microsoft Security Advisory (899480) (Microsoft)
RFC 1323 : TCP Extensions for High Performance (IETF)
RFC 793 : TRANSMISSION CONTROL PROTOCOL (IETF)
RT TCP/IP FAQ (Yamaha)
Security Advisory Bulletins (Nortel Networks)
Security Advisory: TCP Vulnerability CAN-2005-0356 (Blue Coat Systems)
Solution ID: SOL4743 (F5 Software)
Vulnerability Note VU#637934 - TCP does not adequately validate segments before (US-CERT)

Privacy Statement
Copyright 2010, SecurityFocus