Bug#310804: kernel-source-2.6.8: CAN-2005-0356 RFC1323 spec DoS

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#310804: kernel-source-2.6.8: CAN-2005-0356 RFC1323 spec DoS
From: Geoff Crompton <geoff.crompton@strategicdata.com.au>
Date: Thu, 26 May 2005 16:03:15 +1000
Message-id: <[🔎] 20050526060315.E4D0E390001@carthanach.mel.strategicdata.com.au>
Reply-to: Geoff Crompton <geoff.crompton@strategicdata.com.au>, 310804@bugs.debian.org

Package: kernel-source-2.6.8
Version: 2.6.8-15
Severity: important

See http://www.securityfocus.com/bid/13676 for more information. In
short, a DoS exists when a machine uses PAWS (Protection Against Wrapped
Sequence Numbers).

Quoting from securityfocus:
>The issue manifests if an attacker transmits a sufficient TCP PAWS
>packet to a vulnerable computer. A large value is set by the 
>attacker as the packet timestamp. When the target computer processes 
>this packet, the internal timer is updated to the large attacker supplied 
>value.
>This causes all other valid packets that are received subsequent to an
>attack to be dropped as they are deemed to be too old, or invalid. 
>This type of attack will effectively deny service for a target connection.

The securityfocus article doesn't mention linux as vulnerable, however
RFC1323 is implemented in linux, and this issue can be enabled/disabled 
via proc/sys/net/ipv4/tcp_timestamps

Reply to:

Prev by Date: Re: broadcom proposed firmware licence, please comment ...
Next by Date: Processed: Re: Bug#310786: Debian Sarge ver. 17-05-2005, Bad: scheduling while atomic!, whe Iuse 8021q
Previous by thread: Processed: Re: Bug#310767: eggdrop: Eggdrop causes an "Oops" in kernel
Next by thread: Processed: Re: Bug#310786: Debian Sarge ver. 17-05-2005, Bad: scheduling while atomic!, whe Iuse 8021q
Index(es):
- Date
- Thread