• Welcome to Valhalla Legends Archive.
 

TCP Vulnerability

Started by Stealth, April 20, 2004, 02:40 PM

Previous topic - Next topic

Stealth

There has apparently been discovered a vulnerability in the TCP protocol. (SlashDot readers will know this fairly soon if they don't already. ;) )

US-CERT document:
http://cert.gov/cas/techalerts/TA04-111A.html

British NISCC Vulnerability Advisory:
http://www.uniras.gov.uk/vuls/2004/236929/index.htm

This could get ugly. (Could this get ugly?)
- Stealth
Author of StealthBot

Banana fanna fo fanna

I thought guessing sequence numbers was an old thing?

iago

Quote from: St0rm.iD on April 20, 2004, 02:50 PM
I thought guessing sequence numbers was an old thing?

If that's the same thing I recently read, it can be done without guessing sequence numbers.  All you need to know is the source/dest port/ip.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


iago

Quote from: Stealth on April 20, 2004, 02:40 PM
This could get ugly. (Could this get ugly?)

I don't think so, from what I've seen you rarely know the necessary ports, and even if you do most connections could be remade anyway.  I don't see this being much of a problem.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Stealth

Ah well. It's newsworthy, anyways. =)
- Stealth
Author of StealthBot