
CVE-2004-0230 RST DoS vulnerability in Lenny?



Recently we've had a scanning vendor tell us our Debian Lenny 5.0.3 is 
vulnerable to CVE-2004-0230:

TCP/IP Sequence Prediction Blind Reset Spoofing DoS

"It may be possible to send spoofed RST packets to the remote system."

" . . . vulnerable to a sequence number
approximation bug, which may allow an attacker to send
spoofed RST packets to the remote host and close established
connections . . . "

When I tried to look up info about it - one page lists "Linux" as vulnerable 
(with no additional information) and I am not able to find anything about 
Debian's status or relationship to it except possibly for 
http://www.mail-archive.com/secure-testing-commits@lists.alioth.debian.org/msg01390.html 
which possibly indicates it's fixed, or someone tried to fix it in 2005.

Does anyone know anything about this? I'm needing some kind of fix or 
work-around so I can satisfy the scan vendor. 

Thanks,

	JW

-- 

----------------------
System Administrator - Cedar Creek Software
http://www.cedarcreeksoftware.com

