OpenLinux TCP_Sec TCP Packet Filtering Weakness

info
discussion
exploit
solution
references

OpenLinux TCP_Sec TCP Packet Filtering Weakness

A weakness has been discovered in tcp_sec implementations for OpenLinux while filtering TCP packets. Specifically, an attacker may be capable of bypassing network firewall policies by setting both the SYN and FIN flags within a malformed TCP packet. This may make it possible for an attacker to establish a session with a service that could otherwise be inaccessible.