Hitachi Information for VU#637934

TCP does not adequately validate segments before updating timestamp value

Status

Affected

Vendor Statement

AlaxalA Networks AX series are vulnerable to this issue. More details are available at

http://www.alaxala.com/jp/support/ICMP-20050518.html (Japanese)

Hitachi GR2000/GR4000/GS4000/GS3000 are vulnerable to this issue. More details are available at

http://www.hitachi.co.jp/Prod/comp/network/notice/VU-637934.html (Japanese)

[NOT VULNERABLE]

Hitachi HI-UX/WE2 is NOT vulnerable to this issue.

Hitachi Cable Apresia/GMX/HSW series are NOT vulnerable to this issue. More details are available at

http://www.hitachi-cable.co.jp/infosystem/security/hcvu0002.stm (Japanese)

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

US-CERT has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.