Sun Microsystems, Inc. Information for VU#415294

The Border Gateway Protocol relies on persistent TCP sessions without specifying authentication requirements

Status

Affected

Vendor Statement

Sun acknowledges that this vulnerability is not new, and similar RST-based DoS attacks are old and well-known. In this particular case, likely targets are long lived TCP connections between well-known hosts using well-known ports (or a small range of known ports).


To be successful, the attacker needs to know the entire four-tuple of a TCP connection (both sides' IP addresses and TCP ports), and the TCP connection needs to stay up long enough.

Sun is evaluating schemes to mitigate this vulnerability - including those discussed in the IETF draft on TCP Security. At present Sun believes that these conditions are not widespread in typical Internet use and is limited to protocols such as BGP.

If this evaluation determines that a software update is the best solution to this problem, Sun will provide updates to our software.

Meanwhile, please consult the advisories listed below for detailed mitigating strategies against these attacks:

http://www.uniras.gov.uk/l1/l2/l3/alerts2004/alert-1704.txt
http://www.us-cert.gov/cas/techalerts/TA04-111A.html

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.