Bug#310804: kernel-source-2.6.8: CAN-2005-0356 RFC1323 spec DoS
Package: kernel-source-2.6.8
Version: 2.6.8-15
Severity: important
See http://www.securityfocus.com/bid/13676 for more information. In
short, a DoS exists when a machine uses PAWS (Protection Against Wrapped
Sequence Numbers).
Quoting from securityfocus:
>The issue manifests if an attacker transmits a sufficient TCP PAWS
>packet to a vulnerable computer. A large value is set by the
>attacker as the packet timestamp. When the target computer processes
>this packet, the internal timer is updated to the large attacker supplied
>value.
>This causes all other valid packets that are received subsequent to an
>attack to be dropped as they are deemed to be too old, or invalid.
>This type of attack will effectively deny service for a target connection.
The securityfocus article doesn't mention linux as vulnerable, however
RFC1323 is implemented in linux, and this issue can be enabled/disabled
via proc/sys/net/ipv4/tcp_timestamps
Reply to: