Multiple Vendor TCP Acknowledgements Remote Denial Of Service Vulnerability

Multiple vendors are susceptible to a remote TCP acknowledgement denial of service vulnerability.

This issue presents itself when the remote peer forges acknowledgment packets prior to actually receiving packets from the sending host. As soon as the server receives an acknowledgment for a packet that has been sent, it assumes that the client has received it. These acknowledgment packets influence the server's congestion control mechanism.

This vulnerability allows remote attackers to consume excessive network resources, denying network service to legitimate users.

This issue exists in the TCP protocol specification as defined by RFC 793. However, it is likely that a number of specific vendor implementations will also be affected. This BID will be updated as individual implementations of the protocol are reported to be affected.
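The following sender-side check is an added example, not part of the original advisory or any vendor's code. It flags acknowledgments that arrive sooner after a segment was sent than the path's round-trip time allows. The `AckMonitor` class, the `tolerance` threshold, the handshake-derived `min_rtt` baseline and the trace are assumptions constructed for illustration; sequence wraparound, SACK and retransmissions are ignored.

```python
from dataclasses import dataclass, field

@dataclass
class AckMonitor:
    """Sender-side view of one connection (hypothetical helper, simplified)."""
    min_rtt: float              # baseline RTT in seconds, e.g. from the handshake (assumption)
    tolerance: float = 0.5      # ACKs faster than tolerance * min_rtt are suspicious (assumption)
    snd_una: int = 0            # oldest unacknowledged byte
    snd_nxt: int = 0            # next byte to be sent
    in_flight: list = field(default_factory=list)  # (start, end, send_time)

    def on_send(self, seq, length, now):
        self.in_flight.append((seq, seq + length, now))
        self.snd_nxt = max(self.snd_nxt, seq + length)

    def on_ack(self, ack, now):
        if ack <= self.snd_una:
            return "duplicate"
        if ack > self.snd_nxt:
            # Acknowledges data never sent; RFC 793 already drops such segments.
            return "beyond-sent"
        # Send time of the newest segment this cumulative ACK claims to cover.
        newest = max((t for start, _, t in self.in_flight if start < ack),
                     default=float("-inf"))
        self.in_flight = [s for s in self.in_flight if s[1] > ack]
        self.snd_una = ack
        # The ACK is for sent data, but it came back faster than a round trip.
        return "early" if now - newest < self.tolerance * self.min_rtt else "ok"

def classify(events, min_rtt):
    """Replay (kind, time, a, b) events and return (ack_number, verdict) pairs."""
    mon, verdicts = AckMonitor(min_rtt=min_rtt), []
    for kind, t, a, b in events:
        if kind == "send":
            mon.on_send(a, b, t)
        else:
            verdicts.append((a, mon.on_ack(a, t)))
    return verdicts

# Constructed trace, times in seconds, baseline RTT 100 ms.
TRACE = [
    ("send", 0.000, 0, 1000), ("send", 0.001, 1000, 1000),
    ("ack", 0.101, 1000, None), ("ack", 0.102, 2000, None),  # plausible timing
    ("send", 0.200, 2000, 1000),
    ("ack", 0.205, 3000, None),   # 5 ms after the send: earlier than the path allows
    ("ack", 0.210, 9000, None),   # beyond anything sent
    ("ack", 0.220, 3000, None),   # already acknowledged
]

if __name__ == "__main__":
    for ack, verdict in classify(TRACE, min_rtt=0.100):
        print(ack, verdict)
```

A sender that counts "early" verdicts per connection can stop growing its congestion window for that peer or log the flow for review; the threshold needs tuning against real RTT variance.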


 

Copyright 2010, SecurityFocus