[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <005101c4270e$dcc15660$1214dd80@corp.emc.com>
From: exibar at thelair.com (Exibar)
Subject: Core Internet Vulnerable - News at 11:00
Looks like this is the same thing:
NISCC Vulnerability Advisory 236929
Vulnerability Issues in TCP
Version Information
Advisory Reference 236929
Release Date 20 April 2004
Last Revision 20 April 2004
Version Number 1.0
What is Affected?
The vulnerability described in this advisory affects implementations of
the Transmission Control Protocol (TCP) that comply with the Internet
Engineering Task Force.s (IETF.s) Requests For Comments (RFCs) for TCP,
including RFC 793, the original specification, and RFC 1323, TCP
Extensions for High Performance.
TCP is a core network protocol used in the majority of networked computer
systems today. Many vendors include support for this protocol in their
products and may be impacted to varying degrees. Furthermore any network
service or application that relies on a TCP connection will also be
impacted, the severity depending primarily on the duration of the TCP
session.
Full Advisory
http://www.uniras.gov.uk/vuls/2004/236929/index.htm
----- Original Message -----
From: "Crist J. Clark" <cristjc@...cast.net>
To: <full-disclosure@...ts.netsys.com>
Sent: Tuesday, April 20, 2004 1:28 PM
Subject: [Full-Disclosure] Core Internet Vulnerable - News at 11:00
> Does anyone know WTF they are trying to say in this AP article,
> "Core Internet Technology Is Vulnerable,"
>
>
http://story.news.yahoo.com/news?tmpl=story&cid=562&ncid=738&e=1&u=/ap/20040420/ap_on_hi_te/internet_threat
>
> It sounds like they are talking about a sequence number guessing
> attack on TCP BGP sessions? Sequence number prediction isn't really
> a new attack, but the story says,
>
> "Experts previously maintained such attacks could take between
> four years and 142 years to succeed because they require guessing
> a rotating number from roughly 4 billion possible combinations.
> Watson said he can guess the proper number with as few as four
> attempts, which can be accomplished within seconds."
>
> Hmmm... Four attempts... And the story makes it sound like a
> cross-platform attack, not a bug in a particular OS's ISN generation.
> FUD or is there something here?
> --
> Crist J. Clark | cjclark@...m.mit.edu
> | cjclark@....edu
> http://people.freebsd.org/~cjc/ | cjc@...ebsd.org
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
Powered by blists - more mailing lists