Summary
Details
Symptoms
Affected Products
Unaffected Products
Status of This Notice: FINAL
Revision History
Cisco Security Procedures
Related Information
Some implementations of the Transmission Control Protocol (TCP) Timestamps option (RFC 1323) are vulnerable to a Denial of Service (DoS) attack from specially crafted packets.
Only certain implementations of the TCP Timestamps option are vulnerable.
This notice will be posted at http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml.
TCP is defined in RFC 793 as a means to provide reliable transmission between hosts in packet-switched computer networks. RFC 1323 introduces the TCP timestamps option to increase the performance of TCP. Some implementations of the TCP timestamps option are vulnerable to a Denial of Service (DoS) attack from specially crafted packets. The impact of a successful attack is a stall of a TCP connection until the TCP connection is reset. Only the TCP session that is explicitly targeted will be affected. All other active TCP sessions will be unaffected.
An attacker needs to determine the IP addresses and the TCP port numbers of both the source and the destination to exploit this vulnerability. Only the TCP sessions that are originating or terminating on a targeted system can be affected. All TCP sessions passing through a targeted system are unaffected.
A successful exploitation will result in stalling the targeted TCP connection. Other active TCP sessions will stay unaffected. A stalled TCP connection can be cleared by resetting the TCP connection.
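To check whether a session terminating on a device uses the option this notice concerns, the Timestamps option (kind 8, length 10 in RFC 1323) can be read from captured TCP headers. The parser below is an added example, not part of Cisco's notice; the function names are hypothetical and the sample headers, ports and timestamp values are constructed.

```python
import struct

TCPOPT_EOL, TCPOPT_NOP, TCPOPT_TIMESTAMP = 0, 1, 8  # option kinds (RFC 793 / RFC 1323)

def parse_tcp_timestamp(tcp_header: bytes):
    """Return (TSval, TSecr) from a raw TCP header, or None if the option is absent.

    Raises ValueError when the header or its option list is malformed.
    """
    if len(tcp_header) < 20:
        raise ValueError("shorter than the fixed 20-byte TCP header")
    data_offset = (tcp_header[12] >> 4) * 4       # header length in bytes
    if data_offset < 20 or data_offset > len(tcp_header):
        raise ValueError("bad data offset")
    opts = tcp_header[20:data_offset]
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == TCPOPT_EOL:                    # end of option list
            break
        if kind == TCPOPT_NOP:                    # single-byte padding
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option truncated before its length byte")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):  # also prevents an endless loop
            raise ValueError("option length out of range")
        if kind == TCPOPT_TIMESTAMP:
            if length != 10:
                raise ValueError("Timestamps option must be 10 bytes long")
            return struct.unpack("!II", opts[i + 2:i + 10])
        i += length
    return None

def build_header(options: bytes, flags: int = 0x02) -> bytes:
    """Constructed sample: TCP header with made-up ports and sequence number."""
    options += b"\x00" * (-len(options) % 4)     # pad to a 32-bit boundary with EOL
    offset = (20 + len(options)) // 4
    fixed = struct.pack("!HHIIBBHHH", 49152, 443, 1000, 0,
                        offset << 4, flags, 65535, 0, 0)
    return fixed + options

# Constructed SYN segments: MSS, NOP, NOP, Timestamps(TSval=123456, TSecr=0) / MSS only
SYN_WITH_TS = build_header(b"\x02\x04\x05\xb4\x01\x01\x08\x0a" + struct.pack("!II", 123456, 0))
SYN_WITHOUT_TS = build_header(b"\x02\x04\x05\xb4")
```

A SYN or SYN-ACK for which this returns a tuple shows that the endpoint offered timestamps for that session; `None` means the option was not present in that segment.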
The following Cisco products are affected by this vulnerability:
Only the products that are explicitly listed above are affected. All other products including, but not limited to:
are unaffected. These products are listed for reference only. Any product that is not explicitly mentioned is unaffected.
This is a final notice. Although Cisco cannot guarantee the accuracy of all statements in this notice, all of the facts have been checked to the best of our ability. Cisco does not anticipate issuing updated versions of this notice unless there is some material change in the facts. Should there be a significant change in the facts, Cisco may update this notice.
A stand-alone copy or paraphrase of the text of this security notice that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
| Revision 1.1 | 2005-May-23 | Added two products to Microsoft Security Bulletin list under Affected Products. |
| Revision 1.0 | 2005-May-18 | Initial public release. |
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
| Updated: Jan 30, 2006 | Document ID: 64909 |