Home | FAQ | Contact | Privacy Policy
US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

Red Hat, Inc. Information for VU#222750

Date Notified:2004-08-12
Date Updated:
Statement Date:
Status Summary:Vulnerable

Vendor Statement

CAN-2004-0790: A blind TCP connection reset

Red Hat Enterprise Linux 2.1 and 3 kernels have always verified the TCP sequence number on ICMP errors. In addition Linux kernels will never abort a connection due to a received ICMP packet. All Red Hat Enterprise Linux versions are therefore unaffected by this issue.

CAN-2004-0791: A spoofing attack with ICMP type 4 header

Red Hat Enterprise Linux 2.1 and 3 kernels prior to January 2005 honour ICMP Source Quench messages, although the TCP sequence number is checked which substantially increases the amount of effort an attacker would need to be able to cause a sucessful attack. ICMP Source Quench messages were disabled completely by the following updates:


CAN-2004-1060: ICMP path MTU spoofing

Red Hat Enterprise Linux 2.1 and 3 kernels verify the sequence number on ICMP errors, thus significantly mitigating this issue. This issue can also be mitigated by disabling pmtu discovery if not required (/proc/sys/net/ipv4/ip_no_pmtu_disc)

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Please see http://www.niscc.gov.uk/niscc/docs/re-20050412-00303.pdf?lang=en.

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information