Clavister Information for VU#637934
TCP does not adequately validate segments before updating timestamp value
- Vendor Information Help Date Notified: 09 Mar 2005
- Statement Date:
- Date Updated: 18 May 2005
Clavister Security Gateway is itself not vulnerable to this attack. It also has the ability to protect clients against these attacks by allowing the administrator to specify that timestamp options should be removed from TCP packets.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.