
CVE-2004-0230 RST DoS vulnerability in Lenny?

Recently we've had a scanning vendor tell us our Debian Lenny 5.0.3 is 
vulnerable to CVE-2004-0230:

TCP/IP Sequence Prediction Blind Reset Spoofing DoS

"It may be possible to send spoofed RST packets to the remote system."

" . . . vulnerable to a sequence number
approximation bug, which may allow an attacker to send
spoofed RST packets to the remote host and close established
connections . . . "

When I tried to look up info about it - one page lists "Linux" as vulnerable 
(with no additional information) and I am not able to find anything about 
Debian's status or relationship to it except possibly for 
which possibly indicates it's fixed, or someone tried to fix it in 2005.

Does anyone know anything about this? I need some kind of fix or 
work-around so I can satisfy the scan vendor. 




System Administrator - Cedar Creek Software
