Heads up this is very easily exploitable...A vulnerability in the Transmission Control Protocol (TCP) specification (RFC793) has been discovered by an external researcher. The successful exploitation enables an adversary to reset any established TCP connection in a much shorter time than was previously discussed publicly. Depending on the application, the connection may get automatically re-established. In other cases, a user will have to repeat the action (for example, open a new Telnet or SSH session). Depending upon the attacked protocol, a successful attack may have additional consequences beyond terminated connection which must be considered. This attack vector is only applicable to the sessions which are terminating on a device (such as a router, switch, or computer), and not to the sessions that are only passing through the device (for example, transit traffic that is being routed by a router). In addition, the attack vector does not directly compromise data integrity or confidentiality.
All Cisco products which contain a TCP stack are susceptible to this vulnerability
Cisco Security Advisory for all you Cisco Jockies out there.
-
Arborealus
- Way too much time!
- Posts: 3417
- Joined: September 21, 2002, 5:36 am
- Contact:
Cisco Security Advisory for all you Cisco Jockies out there.
http://www.cisco.com/warp/public/707/ci ... ml#summary
