Cisco Systems Inc. Information for VU#637934

TCP does not adequately validate segments before updating timestamp value

Status

Affected

Vendor Statement

"Cisco Systems, Inc. has released a security notice in response to CERT/CC Vulnerability Note VU#637934, which is available at the following URL:

http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml

For up-to-date information on security vulnerabilities in Cisco Systems,
Inc. products, visit http://www.cisco.com/go/psirt"

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Please see http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml

If you have feedback, comments, or additional information about this vulnerability, please send us email.