Secure Computing Corporation Information for VU#637934
TCP does not adequately validate segments before updating timestamp value
- Vendor Information Help Date Notified: 09 Mar 2005
- Statement Date:
- Date Updated: 11 Apr 2005
Status
Not Affected
Vendor Statement
Not Vulnerable
All versions of the Sidewinder(r) v5.x Firewall and Sidewinder G2(r) Security Appliance use one of the implementations recommended for mitigation of this attack. Sidewinder and Sidewinder G2 also support IPsec, allowing a complete workaround for the attack when required. No patches or updates are required.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.