Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Statement Date: October 23, 2002
Not Affected
The built-in firewall on Mac OS X and Mac OS X Server does not contain the vulnerabilty described in this report. Customers who have installed other firewall products should check with their third-party vendor for information.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Statement Date: October 24, 2002
Not Affected
Check Point VPN-1/FireWall-1 products are engineered to provide the highest levels of security. VPN-1/FireWall-1 will automatically drop any invalid packet flag combinations including, but not limited to, those described in CERT VU# 464113. In addition, the Check Point SmartDefense product will provide additional logging and alerting if this type of attack is attempted.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: July 28, 2004
Statement Date: January 22, 2004
Unknown
A new feature has been added to Cisco IOS starting from the IOS release 12.3(4)T. This feature provides a flexible mechanism for filtering on TCP flags. The new syntax can be found at the following URL: http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d344e.html
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 31, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: April 01, 2003
Statement Date: March 21, 2003
Not Affected
Clavister Firewall: Not vulnerable. Clavister Firewall only allows plain SYN packets to create new states, and, as such, also protects hosts behind it. In addition, thorough packet scrubbing is performed. The default settings for packets where the SYN flag is set are: SYN+URG: Drop and log the packet SYN+RST: Drop and log the packet SYN+FIN: Drop and log the packet SYN+PSH: Strip the PSH flag and log Although SYN+PSH is very uncommon, some TCP stacks have been observed to use them. Early versions of MacTCP is one such stack.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 30, 2002
Statement Date: October 30, 2002
Not Affected
Cray, Inc. is not vulnerable as we provide no software that performs this type of function.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 31, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 31, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 27, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: October 25, 2002
Statement Date: October 24, 2002
Not Affected
This issue isn't relevant to any of our products.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: April 01, 2003
Statement Date: March 27, 2003
Not Affected
Foundry Networks does not produce stateful or packet filtering firewalls, but do support high speed packet filtering ACLs on its products. An ACL with the "established" operator turned on will filter on all TCP packets with the ACK (Acknowledgment) or RST (Reset) bits set to "1" (on) in the control filed of the TCP packet header. Current versions of shipping software will not permit unexpected combinations of SYN flags.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: December 03, 2002
Statement Date: December 03, 2002
Not Affected
Fujitsu's UXP/V OS is not vulnerable, because the relevant function is not supported under UXP/V.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: October 25, 2002
Statement Date: October 24, 2002
Not Affected
While we are a vendor of a variety of products that involved network security, none of the products currently include firewall functionality that would be susceptible to the type of attack described below. We will keep this notification on file to ensure that any new products we might develop in the future are not susceptible to this attack.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: May 10, 2005
Statement Date: March 17, 2003
Not Affected
SOURCE: Hewlett-Packard Company HP Services Software Security Response Team x-ref:SSRT2391 As further information becomes available HP will provide notice of the availability of any necessary patches through standard security bulletin announcements and be available from your normal HP Services support channel.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: April 01, 2003
Statement Date: April 01, 2003
Not Affected
The IBM AIX operating system is not vulnerable to the issues discussed in CERT Vulnerability Note VU#464113.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 18, 2003
Statement Date: March 17, 2003
Not Affected
Ingrian Networks products are application-level proxies. The type of attack detailed in VU#464113 cannot be used to bypass their security.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 31, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: March 14, 2003
Statement Date: March 13, 2003
Not Affected
Lotus does not ship firewalls or packet filters, so there is no vulnerability due to TCP/IP connection open semantics.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 29, 2002
Statement Date: October 28, 2002
Not Affected
Microsoft has thoroughly investigated this issue, and found that Microsoft's ISA Server firewall product is not affected by the scenario described in this report.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: March 14, 2003
Statement Date: March 13, 2003
Not Affected
NetScreen is not vulnerable to this issue.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: March 14, 2003
Statement Date: October 25, 2002
Not Affected
The stateful packet filter (pf) that ships with OpenBSD 3.0 and later is not vulnerable to the attacks described. pf uses real stateful TCP filtering and keeps track of established connections using a state table. It doesn't use any TCP flags to associate a packet with an established connection, instead it uses source and destination addresses and ports to find matching state entries (and verifies sequence numbers against narrow windows). Filter rules specify which packets create state table entries, and the required TCP flags can be specified freely. It's possible to create state only for plain SYN packets or allow any combination of other TCP flags to do so. In no case any packet with any combination of TCP flags can bypass the policy defined in the rule set (due to the packet filter wrongly assuming it is part of an established connection), as only explicit rules can create state tables entries. To prevent SYN+RST packets from creating state, the option 'flags S/SAR' can be used (meaning 'SYN must be set, ACK and RST must not be set'). But even the common 'flags S/SA' will only create state when the remaining rule matches, allowing SYN+RST packets to establish only connections which are already allowed for plain SYNs.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 27, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 27, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 27, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 25, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: March 14, 2003
Statement Date: March 13, 2003
Unknown
SGI acknowledges the vulnerabilities reported by CERT VU#464113 and is currently investigating. This is being tracked as SGI Bug# 871383. No further information is available at this time. For the protection of all our customers, SGI does not disclose, discuss or confirm vulnerabilities until a full investigation has occurred and any necessary patch(es) or release streams are available for all vulnerable and supported IRIX operating systems. Until SGI has more definitive information to provide, customers are encouraged to assume all security vulnerabilities as exploitable and take appropriate steps according to local site security policies and requirements. As further information becomes available, additional advisories will be issued via the normal SGI security information distribution methods including the wiretap mailing list on http://www.sgi.com/support/security/.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 27, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 31, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: November 11, 2004
Not Affected
+ Solaris is not vulnerable to this issue. + The SunScreen Firewall products only pass packets with the SYN bit set to a host that it has been configured to allow a connection to. Setting extra bits in a packet will not change this behaviour. In addition, the SunScreen TCP state engine will check that the following conform to RFC 793 before passing them: * Packets in the three-way handshake. * Packets with FIN bit set. * Packets with RST bit set.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 28, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: April 01, 2003
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: May 01, 2003
Statement Date: April 30, 2003
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Please see ftp://ftp.sco.com/pub/security/OpenLinux/CSSA-2003-019.0.txt.
Notified: October 24, 2002 Updated: October 27, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 29, 2002
Statement Date: October 28, 2002
Not Affected
TrendMicro has been aware for some time of the potential problems that this TCP-Flag combination issue contains. TrendMicro has two products which make use of the network-layer, where these flags are used to identify the current session status. These products are GateLock
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 31, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 24, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 27, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 31, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: May 30, 2003
Statement Date: December 10, 2002
Not Affected
A response to this vulnerability is available from our web site: http://www.xerox.com/security.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 31, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 24, 2002 Updated: October 31, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
The CERT/CC has no additional comments at this time.