Chiaro Networks Information for VU#637934
TCP does not adequately validate segments before updating timestamp value
- Vendor Information Help Date Notified: 09 Mar 2005
- Statement Date:
- Date Updated: 18 May 2005
Unknown. If you are the vendor named above, please contact us to update your status.
The Enstara router is vulnerable to the condition described in VU#637934. Because BGP sessions are particularly vulnerable, Chiaro Networks recommends protecting BGP sessions using the following techniques:
1) Enable GTSM as described in RFC3682
2) Enable MD5 authentication on the TCP connection between BGP peers.
Customers will be notified as soon as a fix is available.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.