Secure Computing Corporation Information for VU#637934
TCP does not adequately validate segments before updating timestamp value
- Vendor Information Help Date Notified: 09 Mar 2005
- Statement Date:
- Date Updated: 11 Apr 2005
All versions of the Sidewinder(r) v5.x Firewall and Sidewinder G2(r) Security Appliance use one of the implementations recommended for mitigation of this attack. Sidewinder and Sidewinder G2 also support IPsec, allowing a complete workaround for the attack when required. No patches or updates are required.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.