| | site-map | e-mail

User:

Guest

Name: Password:

www.center.hu / Archive / Security news / august, 2006 / Sun Solaris invalid TCP sequence number denial of service vulnerability 

Sun Solaris invalid TCP sequence number denial of service vu

Sun Solaris invalid TCP sequence number denial of service vu

Date Discovered: 2006. július 26.
Date Published: 2006. július 31.
Last Updated: 2006. július 31.

Threat Assessment
Overall Risk: Medium
Impact:          High
Popularity:    Medium
Simplicity:     Low

Vulnerability Description
Vulnerability ID:          34449
Discovered By:            vendor
Exploitable Locally:     No
Exploitable Remotely: Yes
Impact:                        A remote attacker can cause a denial of service condition.
Root Cause:                 Software Vulnerability

Sun Solaris contains a vulnerability that can allow remote attackers to cause a denial of service condition. The vulnerability is due to insufficient handling of TCP packets with an invalid sequence number. A remote attacker can send a packet that will cause an ACK storm between networked hosts.

 

 

More information on CA Vulnerability Information Center: 
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34449

Computer Associates – the Trusted Source of Security Knowledge

 

2006-08-01 14:47

Back