• Welcome to Valhalla Legends Archive.
 

TCP Vulnerability

Started by Stealth, April 20, 2004, 02:40 PM

Previous topic - Next topic
Print
|
Go Down Pages1
User actions

Stealth

April 20, 2004, 02:40 PM
There has apparently been discovered a vulnerability in the TCP protocol. (SlashDot readers will know this fairly soon if they don't already. ;) )

US-CERT document:
http://cert.gov/cas/techalerts/TA04-111A.html

British NISCC Vulnerability Advisory:
http://www.uniras.gov.uk/vuls/2004/236929/index.htm

This could get ugly. (Could this get ugly?)
- Stealth
Author of StealthBot

Banana fanna fo fanna

#1
April 20, 2004, 02:50 PM
I thought guessing sequence numbers was an old thing?

iago

#2
April 20, 2004, 02:59 PM
Quote from: St0rm.iD on April 20, 2004, 02:50 PM
I thought guessing sequence numbers was an old thing?

If that's the same thing I recently read, it can be done without guessing sequence numbers.  All you need to know is the source/dest port/ip.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

iago

#3
April 20, 2004, 03:01 PM
Quote from: Stealth on April 20, 2004, 02:40 PM
This could get ugly. (Could this get ugly?)

I don't think so, from what I've seen you rarely know the necessary ports, and even if you do most connections could be remade anyway.  I don't see this being much of a problem.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Stealth

#4
April 21, 2004, 12:13 AM
Ah well. It's newsworthy, anyways. =)
- Stealth
Author of StealthBot
Print
|
Go Up Pages1
User actions