Overview
Certain TCP implementations may allow a remote attacker to arbitrarily modify host timestamp values, leading to a denial-of-service condition.
Description
The Transmission Control Protocol (TCP) is defined in RFC 793 as a means to provide reliable host-to-host transmission in packet-switched computer networks. RFC 1323 introduced techniques to increase the performance of TCP. Two such techniques are TCP timestamps and Protection Against Wrapped Sequence Numbers (PAWS). In certain implementations of TCP with timestamps enabled, both hosts maintain an internal timer that is used to detect segment loss and regulate traffic flow. PAWS uses timestamps to prevent duplicate or old segments from corrupting an active connection. In PAWS with the timestamps option enabled, hosts use an internal timer to compare the timestamp in each incoming segment against the last valid timestamp recorded. If the segment's timestamp is larger than the value of the last valid timestamp and the sequence number is less than the last acknowledgement sent, then the host's internal timer is updated with the new timestamp value and the segment is passed on for further processing. Otherwise, the segment is rejected as too old or a duplicate.
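The update rule described above, as an added C model of the receiver side only (not code from CERT/CC or from any vendor): it compares a receiver that records the segment timestamp before checking the receive window with one that validates the segment first. The struct and function names, the simplified window test and all sample values are constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Modular 32-bit comparisons, as used for TCP sequence numbers and timestamps. */
#define SEQ_LT(a, b)  ((int32_t)((uint32_t)(a) - (uint32_t)(b)) < 0)
#define SEQ_LEQ(a, b) ((int32_t)((uint32_t)(a) - (uint32_t)(b)) <= 0)
#define SEQ_GEQ(a, b) ((int32_t)((uint32_t)(a) - (uint32_t)(b)) >= 0)

enum verdict { ACCEPTED, DROPPED_PAWS, DROPPED_WINDOW };

/* Hypothetical per-connection receive state (names are assumptions). */
struct rcv_state {
    uint32_t ts_recent;      /* last valid timestamp recorded      */
    uint32_t last_ack_sent;  /* last acknowledgement sent to peer  */
    uint32_t rcv_nxt;        /* next sequence number expected      */
    uint32_t rcv_wnd;        /* receive window size                */
};

struct segment { uint32_t seq, len, tsval; };

/* Simplified acceptability test: segment must start inside the window. */
static int in_window(const struct rcv_state *r, const struct segment *s)
{
    return SEQ_GEQ(s->seq, r->rcv_nxt) &&
           SEQ_LT(s->seq, r->rcv_nxt + r->rcv_wnd);
}

/*
 * validate_first == 0: ts_recent is updated before the window check, so a
 *                      segment that is later dropped still moves ts_recent.
 * validate_first == 1: ts_recent is updated only for segments that also
 *                      pass the window check.
 */
enum verdict receive_segment(struct rcv_state *r, const struct segment *s,
                             int validate_first)
{
    /* PAWS: reject segments whose timestamp is older than ts_recent. */
    if (SEQ_LT(s->tsval, r->ts_recent))
        return DROPPED_PAWS;

    /* Update condition as stated in the description above. */
    int ts_ok = SEQ_GEQ(s->tsval, r->ts_recent) &&
                SEQ_LEQ(s->seq, r->last_ack_sent);

    if (!validate_first && ts_ok)
        r->ts_recent = s->tsval;          /* recorded before validation */

    if (!in_window(r, s))
        return DROPPED_WINDOW;

    if (validate_first && ts_ok)
        r->ts_recent = s->tsval;          /* recorded after validation  */

    if (s->seq == r->rcv_nxt) {           /* in-order data: advance     */
        r->rcv_nxt += s->len;
        r->last_ack_sent = r->rcv_nxt;
    }
    return ACCEPTED;
}

/*
 * Constructed scenario: one stale, out-of-window segment carrying a far-ahead
 * timestamp arrives, followed by the peer's genuine next segment. Returns the
 * verdict for the genuine segment and, optionally, the final ts_recent.
 */
enum verdict legit_after_stray(int validate_first, uint32_t *ts_recent_out)
{
    struct rcv_state r = { 1000, 5000, 5000, 65535 };
    const struct segment stray = { 100, 10, 0x70000000u };  /* constructed */
    const struct segment legit = { 5000, 100, 1001 };       /* constructed */

    (void)receive_segment(&r, &stray, validate_first);
    enum verdict v = receive_segment(&r, &legit, validate_first);
    if (ts_recent_out)
        *ts_recent_out = r.ts_recent;
    return v;
}

int main(void)
{
    static const char *names[] = { "ACCEPTED", "DROPPED_PAWS", "DROPPED_WINDOW" };
    uint32_t ts;

    enum verdict v = legit_after_stray(0, &ts);
    printf("update before validation: genuine segment %s, ts_recent=%u\n",
           names[v], (unsigned)ts);

    v = legit_after_stray(1, &ts);
    printf("validate before update:   genuine segment %s, ts_recent=%u\n",
           names[v], (unsigned)ts);
    return 0;
}
```

In the first ordering the genuine segment fails the PAWS check until the peer's timestamp clock catches up with the recorded value, which is the denial-of-service condition the Impact section describes.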
Impact
An unauthenticated, remote attacker could cause TCP connections to abort/drop segments, leading to a denial-of-service condition.
Solution
Apply a patch
Disable PAWS
Vendor Information
Avaya Affected
Notified: March 09, 2005 Updated: June 30, 2005
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please see http://support.avaya.com/elmodocs2/security/ASA-2005-148.pdf for information regarding this vulnerability.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
Blue Coat Systems Affected
Updated: June 30, 2005
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Security Advisory: TCP Vulnerability CAN-2005-0356
Date:
June 28, 2005
Severity:
High
Description:
Some Blue Coat Systems products are vulnerable to the attack described in CAN-2005-0356. This is a denial of service vulnerability that exists for TCP RFC 1323. The issue exists in the Protection Against Wrapped Sequence Numbers (PAWS) technique when TCP PAWS is configured to employ timestamp values.
A successful attack may result in a TCP connection to drop packets, resulting in a denial of service situation.
Affected Systems:
All OS Releases (CacheOS, SGOS)
Workaround:
Disable rfc-1323 support
SG3/SG4
#(config)tcp-ip rfc-1323 disable
SG2
#(config) reveal-advanced tcp-ip
#(config) tcp-ip no rfc-1323
Fixed in:
SG3.2.5 (TBD)
SG4.1.2 (TBD)
Additional Information:
http://www.kb.cert.org/vuls/id/637934
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0356
For more information, please contact the Blue Coat Technical Support Department.
Cisco Systems Inc. Affected
Notified: March 09, 2005 Updated: June 06, 2005
Status
Affected
Vendor Statement
"Cisco Systems, Inc. has released a security notice in response to CERT/CC Vulnerability Note VU#637934, which is available at the following URL:
http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml
For up-to-date information on security vulnerabilities in Cisco Systems,
Inc. products, visit http://www.cisco.com/go/psirt"
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please see http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml
FreeBSD Affected
Notified: March 09, 2005 Updated: May 25, 2005
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please see http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c Revision 1.252.2.16
Hitachi Affected
Notified: March 09, 2005 Updated: June 20, 2005
Status
Affected
Vendor Statement
AlaxalA Networks AX series are vulnerable to this issue. More details are available at
http://www.alaxala.com/jp/support/ICMP-20050518.html (Japanese)
Hitachi GR2000/GR4000/GS4000/GS3000 are vulnerable to this issue. More details are available at
http://www.hitachi.co.jp/Prod/comp/network/notice/VU-637934.html (Japanese)
[NOT VULNERABLE]
Hitachi HI-UX/WE2 is NOT vulnerable to this issue.
Hitachi Cable Apresia/GMX/HSW series are NOT vulnerable to this issue. More details are available at
http://www.hitachi-cable.co.jp/infosystem/security/hcvu0002.stm (Japanese)
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Microsoft Corporation Affected
Notified: March 09, 2005 Updated: May 18, 2005
Status
Affected
Vendor Statement
Changes made during the development of Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and the MS05-019 security update eliminated this vulnerability. If you have installed any of these updates, you are protected from this vulnerability and no further action is required. See
http://www.microsoft.com/technet/security/advisory/899480.mspx
for more information about this issue.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please refer to http://www.microsoft.com/technet/security/advisory/899480.mspx and http://www.microsoft.com/technet/security/advisory/899480.mspx
OpenBSD Affected
Notified: March 09, 2005 Updated: May 18, 2005
Status
Affected
Vendor Statement
A patch for OpenBSD 3.6 and previous releases is available at
http://openbsd.org/errata36.html#tcp
OpenBSD 3.7, being released on May 19, is not vulnerable because
it contains the fix.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please see http://www.openbsd.org/errata.html#rtt and http://openbsd.org/errata36.html#tcp
[Note the CERT/CC has not verified the contents of the Vendor Statement above.]
Redback Networks Inc. Affected
Notified: March 09, 2005 Updated: May 19, 2005
Status
Affected
Vendor Statement
Impact of CERT® Advisory VU#637934 on Redback Products
Vulnerability Description: Systems with persistent TCP connections might be affected by this vulnerability.
The TCP Timestamps option (RFC1323) is deployed widely. There is a variant of the TCP Timestamps option, which would supposedly be more prevalent than the standard algorithm. The variant, however, has a vulnerability which allows malicious, off-path third parties to stall TCP connections.
More details on this vulnerability can be found at the CERT website. (www.cert.org)
Impacted Redback Products: NONE of Redback SmartEdge 400, 800 Routers; Redback SmartEdge 400, 800 Service Gateway Systems are impacted by this issue.
NONE of the products of SMS product-line are affected by this issue
Why Redback products are not affected:
The TCP/IP stack on both of Redback product-lines already implements all validation procedures outlined in the CERT advisory before a packet is accepted and the session timestamp updated. Consequently, TCP applications on Redback products are not vulnerable to this attack.
Recommended Best Practice to Guard Against TCP Attacks: While there is no way a network operator can completely defend against various vulnerabilities and hacker attacks, Redback Networks products already implement many mechanisms to guard against such attacks. Some examples include:
·MD5 authentication for TCP
·IP source address validation on any subscriber circuit, so no subscriber terminated on the box can participate in this type of attack.
Vulnerability Resolution: NOT Required on this since Redback product-lines are not affected.
For further assistance or information regarding this topic contact the Redback Networks Technical Assistance Center (TAC). TAC is prepared to provide worldwide support for security workarounds that address this issue. There are several known workarounds that can significantly reduce this exposure. The Redback domestic TAC number is (877) 733 2225 and International TAC phone number is 31-104987777. Redback TAC will provide detailed information to our worldwide systems engineers and focal engineers to assist customers in configuring these workarounds.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Yamaha Affected
Updated: May 26, 2005
Status
Affected
Vendor Statement
YAMAHA products are Vulnerable.
Vendor comment:
We provide the information on this issue.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Check Point Not Affected
Notified: March 09, 2005 Updated: May 19, 2005
Status
Not Affected
Vendor Statement
For further information, please refer to the following Check Point SecureKnowledge article: Solution ID: sk30828
https://secureknowledge.checkpoint.com/sk/public/intro.jsp.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please see
https://secureknowledge.checkpoint.com/sk/public/intro.jsp
reference ID# sk30828
Clavister Not Affected
Notified: March 09, 2005 Updated: May 18, 2005
Status
Not Affected
Vendor Statement
Clavister Security Gateway is itself not vulnerable to this attack. It also has the ability to protect clients against these attacks by allowing the administrator to specify that timestamp options should be removed from TCP packets.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Foundry Networks Inc. Not Affected
Notified: March 09, 2005 Updated: May 18, 2005
Status
Not Affected
Vendor Statement
Foundry Networks products are not vulnerable.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Fujitsu Not Affected
Notified: March 09, 2005 Updated: May 23, 2005
Status
Not Affected
Vendor Statement
FUJITSU products are NOT susceptible to this vulnerability.
We continue to check our products.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
NEC Corporation Not Affected
Notified: March 09, 2005 Updated: May 17, 2005
Status
Not Affected
Vendor Statement
sent on May 17, 2005
=====================================================================
* NEC products are NOT susceptible to this vulnerability.
- We continue to check our products.
=====================================================================
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Netfilter Not Affected
Notified: March 09, 2005 Updated: March 17, 2005
Status
Not Affected
Vendor Statement
The Linux Kernel implements a check "(B')" as specified in the document. Therefore, the Linux Kernel TCP implementation is not vulnerable.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
NextHop Not Affected
Notified: March 09, 2005 Updated: March 16, 2005
Status
Not Affected
Vendor Statement
NextHop Technologies does not provide an implementation of TCP; therefore NextHop software is not vulnerable to this issue.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Red Hat Inc. Not Affected
Notified: March 09, 2005 Updated: August 23, 2005
Status
Not Affected
Vendor Statement
Red Hat Enterprise Linux is not vulnerable to this issue.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Secure Computing Corporation Not Affected
Notified: March 09, 2005 Updated: April 11, 2005
Status
Not Affected
Vendor Statement
Not Vulnerable
All versions of the Sidewinder(r) v5.x Firewall and Sidewinder G2(r) Security Appliance use one of the implementations recommended for mitigation of this attack. Sidewinder and Sidewinder G2 also support IPsec, allowing a complete workaround for the attack when required. No patches or updates are required.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Sun Microsystems Inc. Not Affected
Notified: March 09, 2005 Updated: April 11, 2005
Status
Not Affected
Vendor Statement
Solaris is not vulnerable to this issue
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
WatchGuard Not Affected
Notified: March 09, 2005 Updated: April 15, 2005
Status
Not Affected
Vendor Statement
Watchguard's current assessment is that we are not affected by this issue.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
3Com Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
AT&T Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Alcatel Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Apple Computer Inc. Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Avici Systems Inc. Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Borderware Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Chiaro Networks Unknown
Notified: March 09, 2005 Updated: May 18, 2005
Status
Unknown
Vendor Statement
The Enstara router is vulnerable to the condition described in VU#637934. Because BGP sessions are particularly vulnerable, Chiaro Networks recommends protecting BGP sessions using the following techniques:
1) Enable GTSM as described in RFC3682
2) Enable MD5 authentication on the TCP connection between BGP peers.
Customers will be notified as soon as a fix is available.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Computer Associates Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Conectiva Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Cray Inc. Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Cwnt Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Data Connection Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Debian Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
EMC Corporation Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Engarde Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Extreme Networks Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
F5 Networks Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Fortinet Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
GTA Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Hewlett-Packard Company Unknown
Notified: March 09, 2005 Updated: May 17, 2005
Status
Unknown
Vendor Statement
SOURCE: Hewlett-Packard Company Software Security Response Team
x-ref:SSRT5929
HP's operating system products are not vulnerable.
To report potential security vulnerabilities in HP software, send an E-mail message to security-alert@hp.com.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Hyperchip Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IBM Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IBM eServer Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IBM zSeries Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
IP Filter Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Immunix Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Ingrian Networks Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Inoto Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Intel Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Internet Security Systems Inc. Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Juniper Networks Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Lachman Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Linksys Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Lucent Technologies Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Luminous Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
MandrakeSoft Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
MontaVista Software Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Multi-Tech Systems Inc. Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Multinet Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
NetBSD Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Netscreen Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Network Appliance Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Nokia Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Nortel Networks Unknown
Notified: March 09, 2005 Updated: May 24, 2005
Status
Unknown
Vendor Statement
Nortel has posted Security Advisory Bulletin no. 2005005916 addressing the TCP Timestamps issue at http://nortel.com/securityadvisories
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Please see http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2005/20/019115-01.pdf
Novell Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Openwall GNU/*/Linux Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Riverstone Networks Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SCO Linux Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SCO Unix Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SGI Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SecureWorx Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Sequent Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Sony Corporation Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Stonesoft Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
SuSE Inc. Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Symantec Corporation Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
TurboLinux Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Unisys Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
Wind River Systems Inc. Unknown
Notified: March 09, 2005 Updated: May 18, 2005
Status
Unknown
Vendor Statement
Wind River customers should access www.windriver.com to determine the potential vulnerability of their product and download an update.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
ZyXEL Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
eSoft Unknown
Notified: March 09, 2005 Updated: March 09, 2005
Status
Unknown
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
US-CERT has no additional comments at this time.
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | | |
Temporal | | |
Environmental | | |
References
Acknowledgements
Thanks to Noritoshi Demizu for researching and reporting this vulnerability.
This document was written by Jeff Gennari.
Other Information
CVE IDs: CVE-2005-0356
Severity Metric: 4.73
Date Public: 2005-05-18
Date First Published: 2005-05-18
Date Last Updated: 2005-08-23 15:39 UTC
Document Revision: 217