Computer Security
[EN] securityvulns.ru no-pyccku


Multiple TCP implementations different security vulnerabilities
updated since 09.09.2009
Published:18.11.2009
Source:
SecurityVulns ID:10211
Type:remote
Threat Level:
9/10
Description:Multiple security vulnerabilities in different operation sustems caused by resource exhaustions on maintaining TCP states table.
Affected:MICROSOFT : Windows 2000 Server
 MICROSOFT : Windows 2000 Professional
 CISCO : IOS 12.0
 CISCO : IOS 12.1
 CISCO : IOS 12.2
 MICROSOFT : Windows XP
 MICROSOFT : Windows 2003 Server
 CISCO : IOS 12.3
 CISCO : IOS 12.4
 CISCO : PIX 7.0
 CISCO : PIX 7.1
 MICROSOFT : Windows Vista
 CISCO : PIX 7.2
 CISCO : CatOS 7.6
 MICROSOFT : Windows 2008 Server
 CISCO : PIX 8.0
 CISCO : PIX 8.1
 CISCO : IOS XE 2.1
 CISCO : IOS XE 2.2
 CISCO : CatOS 8.7
 CISCO : Cisco Nexus 5000
 CISCO : Cisco Nexus 7000
CVE:CVE-2009-1926 (Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the FIN-WAIT-1 or FIN-WAIT-2 state indefinitely, aka "TCP/IP Orphaned Connections Vulnerability.")
 CVE-2009-1925 (The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka "TCP/IP Timestamps Code Execution Vulnerability.")
 CVE-2008-4609 (The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.)
Original documentdocumentHP, [security bulletin] HPSBMI02473 SSRT080138 rev.1 - Cisco Catalyst Blade Switch 3020/3120, Remote Denial of Service (DoS) (18.11.2009)
 documentFabian Yamaguchi, TCP/IP Orphaned Connections Vulnerability (09.09.2009)
 documentCISCO, Cisco Security Advisory: TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products (09.09.2009)
 documentMICROSOFT, Microsoft Security Bulletin MS09-048 - Critical Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (967723) (09.09.2009)
Files:Microsoft Security Bulletin MS09-048 - Critical: Vulnerabilities in Windows TCP/IP could allow remote code execution

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod