SB2008102002 - Configuration in Linux kernel
Published: October 20, 2008
Security Bulletin ID
SB2008102002
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Configuration (CVE-ID: CVE-2008-4609)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
Remediation
Install update from vendor's website.
References
- http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html
- http://www.outpost24.com/news/news-2008-10-02.html
- http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html
- http://blog.robertlee.name/2008/10/conjecture-speculation.html
- https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html
- http://insecure.org/stf/tcp-dos-attack-explained.html
- http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml
- http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf
- http://www.us-cert.gov/cas/techalerts/TA09-251A.html
- http://marc.info/?l=bugtraq&m=125856010926699&w=2
- http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048