CERTVU:102014Optimistic TCP acknowledgements can cause denial of service
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.013 Low
EPSS
Percentile
86.2%
Overview
A vulnerability in the TCP congestion control mechanism could be leveraged by an attacker to cause a denial of service.
Description
The Transmission Control Protocol (TCP) is described in RFC 793 as a means to provide reliable host-to-host transmission in a packet-switched computer network. Numerous Internet protocols such as HTTP, SMTP, and FTP rely on TCP as their underlying transport protocol. Several different TCP congestion control mechanisms are specified in RFC 2581.
In the course of normal operation a TCP client acknowledges (ACKs) the receipt of packets sent to it by the server. A TCP sender varies its transmission rate based on receiving ACKs of the packets it sends. An optimistic ACK is an ACK sent by a client for a data segment that it has not yet received. A vulnerability exists in the potential for a client to craft optimistic ACKs timed in such a way that they correspond to legitimate packets that the sender has already injected into the network (often referred to as “in-flight” packets). As a result, the sender believes that the transfer is progressing better than it actually is and may increase the rate at which it sends packets.
An important side effect of this condition is the amplification factor that it introduces. An attacker exploiting this vulnerability can potentially cause victims to transmit much more data than the bandwidth available to the attacker.
This condition was first described in 1999 by Savage, Cardwell, Wetherall, and Anderson in their paper, “TCP Congestion Control with a Misbehaving Receiver.” Although this paper briefly mentioned the possibility of using this condition to mount a denial-of-service attack, it did not develop the details of the attack. In 2005, Sherwood, Bhattacharjee, and Braud published a paper, entitled “Misbehaving TCP Receivers Can Cause Internet-Wide Congestion Collapse,” that examines the extent of the potential impact of an attack using this vulnerability.
Impact
A remote attacker can cause a TCP sender to transmit packets faster than it would in the course of a normal connection. The victim could potentially exhaust its network bandwidth, thereby resulting in a denial of service. In an attack involving multiple victims, the aggregate volume of generated traffic may cause congestion or a bandwidth exhaustion denial of service to intermediate transit network providers as well.
Solution
The CERT/CC is currently unaware of a practical solution to this problem.
Workarounds
Connection Throttling
Network administrators should consider implementing per-connection throttling or other forms of traffic shaping for services on their network that could be exploited. While this workaround does not remove the underlying vulnerability, it forces an attacker to use more hosts in order to have the same overall impact.
TCP Implementation Changes
Sherwood et al. proposes several implementation changes to mitigate this vulnerability. In particular, the authors suggest a strategy of randomly dropping segments on the sender. By doing this, receivers that ACK packets that are intentionally dropped by the sender can reliably be identified as misbehaving. The authors have provided a patch that implements this workaround for Linux 2.4.24 kernel.
It is important to note that these implementation changes have not been ratified by relevant standards bodies such as the IETF. Implementors and administrators should exercise careful consideration and be especially aware of unintended side effects when choosing to implement these implementation changes.
Vendor Information
102014
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Sun Microsystems, Inc. __ Affected
Notified: September 02, 2005 Updated: November 03, 2005
Statement Date: November 03, 2005
Status
Affected
Vendor Statement
`Sun implements the TCP standard in Solaris, and as such acknowledges
that it is affected by vulnerability #102014.
Sun is evaluting this issue, including its impact and possible methods
for adressing it, and is currently communicating with organisations
such as the IETF to determine the best course of action.`
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
3com, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
AT&T Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Alcatel Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Apple Computer, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Avaya, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Avici Systems, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Borkerware Technologies Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Charlotte’s Web Networks Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Check Point Software Technologies Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Chiaro Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cisco Systems, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Computer Associates Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Conectiva Inc. Unknown
Notified: October 26, 2005 Updated: October 26, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Cray Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
D-Link Systems, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Data Connection, Ltd. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Debian Linux Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
EMC, Inc. (formerly Data General Corporation) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Engarde Secure Linux Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ericsson Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Extreme Networks Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
F5 Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fedora Project Unknown
Notified: October 26, 2005 Updated: October 26, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Force10 Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fortinet, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Foundry Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
FreeBSD, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Fujitsu Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
GNU netfilter Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Gentoo Linux Unknown
Notified: October 26, 2005 Updated: October 26, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Global Technology Associates Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hewlett-Packard Company __ Unknown
Notified: September 02, 2005 Updated: November 22, 2005
Statement Date: November 16, 2005
Status
Unknown
Vendor Statement
HP is investigating this issue.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hitachi Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Hyperchip Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM Corporation Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM Corporation (zseries) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IBM eServer Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
IP Filter Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Immunix Communications, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ingrian Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Intel Corporation Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Internet Security Systems, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Intoto Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Juniper Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Linksys (A division of Cisco Systems) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Lucent Technologies Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Luminous Networks Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Mandriva, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Mandriva, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Microsoft Corporation Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
MontaVista Software, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Multinet (owned Process Software Corporation) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Multitech, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NEC Corporation Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NetBSD Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Network Appliance, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
NextHop Technologies, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Nortel Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Novell, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
OpenBSD Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Openwall GNU/*/Linux Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
QNX, Software Systems, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Red Hat, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Redback Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Riverstone Networks, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
SUSE Linux Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Secure Computing Network Security Division Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sequent Computer Systems, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Silicon Graphics, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Slackware Linux Inc. Unknown
Notified: October 26, 2005 Updated: October 26, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Sony Corporation Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
StoneSoft, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Symantec, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
The SCO Group Unknown
Notified: October 26, 2005 Updated: October 26, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
The SCO Group (SCO Linux) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
The SCO Group (SCO Unix) Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Trustix Secure Linux Unknown
Notified: October 26, 2005 Updated: October 26, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Turbolinux Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
UNISYS Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Ubuntu Unknown
Notified: October 26, 2005 Updated: October 26, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Watchguard Technologies, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
Wind River Systems, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
ZyXEL Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
eSoft, Inc. Unknown
Notified: September 02, 2005 Updated: September 02, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
View all 85 vendors __View less vendors __
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | 0 | AV:–/AC:–/Au:–/C:–/I:–/A:– |
| Temporal | 0 | E:ND/RL:ND/RC:ND |
| Environmental | 0 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
References
- <http://www.cs.umd.edu/~capveg/optack/optack-ccs05.pdf>
- <http://www.cs.umd.edu/~capveg/optack/optack-extended.pdf>
- <http://www.cs.ucsd.edu/~savage/papers/CCR99.pdf>
- <http://www-2.cs.cmu.edu/~kgao/course/15744/network.pdf>
- <http://mirrors.sec.informatik.tu-darmstadt.de/ftp.ietf.org/internet-drafts/draft-azcorra-tcpm-tcp-blind-ack-dos-00.txt>
- <http://mirrors.sec.informatik.tu-darmstadt.de/ftp.ietf.org/internet-drafts/draft-azcorra-tcpm-tcp-blind-ack-dos-01.txt>
- <http://jvn.jp/cert/JVNVU%23102014/index.html>
Acknowledgements
Thanks to Rob Sherwood of the University of Maryland for reporting this vulnerability and researching its associated exploitation methods. The CERT/CC acknowledges Stefan Savage, Neal Cardwell, David Wetherall, and Tom Anderson for the original publication of the underlying protocol issue that causes the vulnerability.
This document was written by Chad Dougherty. Additional technical feedback and assistance with this vulnerability was provided by Hal Burch and Art Manion.
Other Information
| CVE IDs: | CVE-2005-3675 |
|---|---|
| Severity Metric: | 10.50 Date Public: |
References
jvn.jp/cert/JVNVU%23102014/index.html
mirrors.sec.informatik.tu-darmstadt.de/ftp.ietf.org/internet-drafts/draft-azcorra-tcpm-tcp-blind-ack-dos-00.txt
mirrors.sec.informatik.tu-darmstadt.de/ftp.ietf.org/internet-drafts/draft-azcorra-tcpm-tcp-blind-ack-dos-01.txt
www-2.cs.cmu.edu/~kgao/course/15744/network.pdf
www.cs.ucsd.edu/~savage/papers/CCR99.pdf
www.cs.umd.edu/~capveg/optack/optack-ccs05.pdf
www.cs.umd.edu/~capveg/optack/optack-extended.pdf
Related
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.013 Low
EPSS
Percentile
86.2%