CVE-2008-4609 Information

Description

The TCP implementation in (1) Linux (2) platforms based on BSD Unix (3) Microsoft Windows (4) Cisco products and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table as demonstrated by sockstress.

Reference

http://blog.robertlee.name/2008/10/conjecture-speculation.html http://insecure.org/stf/tcp-dos-attack-explained.html http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html http://marc.info/?l=bugtraq&m=125856010926699&w=2 http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html http://www.outpost24.com/news/news-2008-10-02.html http://www.us-cert.gov/cas/techalerts/TA09-251A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A6340 https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html