Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: June 30, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see http://support.avaya.com/elmodocs2/security/ASA-2005-148.pdf for information regarding this vulnerability.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Updated: June 30, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Security Advisory: TCP Vulnerability CAN-2005-0356 Date: June 28, 2005 Severity: High Description: Some Blue Coat Systems products are vulnerable to the attack described in CAN-2005-0356. This is a denial of service vulnerability that exists for TCP RFC 1323. The issue exists in the Protection Against Wrapped Sequence Numbers (PAWS) technique when TCP PAWS is configured to employ timestamp values. A successful attack may result in a TCP connection to drop packets, resulting is a denial of service situation. Affected Systems: All OS Releases (CacheOS, SGOS) Workaround: Disable rfc-1323 support SG3/SG4 #(config)tcp-ip rfc-1323 disable SG2 #(config) reveal-advanced tcp-ip #(config) tcp-ip no rfc-1323 Fixed in: SG3.2.5 (TBD) SG4.1.2 (TBD) Additional Information: http://www.kb.cert.org/vuls/id/637934 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0356 For more information, please contact the Blue Coat Technical Support Department.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 19, 2005
Not Affected
For further information, please refer to the following Check Point SecureKnowledge article: Solution ID: sk30828 https://secureknowledge.checkpoint.com/sk/public/intro.jsp.
The vendor has not provided us with any further information regarding this vulnerability.
Please see https://secureknowledge.checkpoint.com/sk/public/intro.jsp reference ID# sk30828
Notified: March 09, 2005 Updated: May 18, 2005
Unknown
The Enstara router is vulnerable to the condition described in VU#637934. Because BGP sessions are particularly vulnerable, Chiaro Networks recommends protecting BGP sessions using the following techniques: 1) Enable GTSM as described in RFC3682 2) Enable MD5 authentication on the TCP connection between BGP peers. Customers will be notified as soon as a fix is available.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: June 06, 2005
Affected
"Cisco Systems, Inc. has released a security notice in response to CERT/CC Vulnerability Note VU#637934, which is available at the following URL: http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml For up-to-date information on security vulnerabilities in Cisco Systems, Inc. products, visit http://www.cisco.com/go/psirt"
The vendor has not provided us with any further information regarding this vulnerability.
Please see http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml
Notified: March 09, 2005 Updated: May 18, 2005
Not Affected
Clavister Security Gateway is itself not vulnerable to this attack. It also has the ability to protect clients against these attacks by allowing the administrator to specify that timestamp options should be removed from TCP packets.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 18, 2005
Not Affected
Foundry Networks products are not vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 25, 2005
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet/tcp_input.c Revision 1.252.2.16
Notified: March 09, 2005 Updated: May 23, 2005
Not Affected
FUJITSU products are NOT susceptible to this vulnerability. We continue to check our products.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 17, 2005
Unknown
SOURCE: Hewlett-Packard Company Software Security Response Team x-ref:SSRT5929 HP's operating system products are not vulnerable. To report potential security vulnerabilities in HP software, send an E-mail message to security-alert@hp.com.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: June 20, 2005
Affected
AlaxalA Networks AX series are vulnerable to this issue. More details are available at http://www.alaxala.com/jp/support/ICMP-20050518.html (Japanese) Hitachi GR2000/GR4000/GS4000/GS3000 are vulnerable to this issue. More details are available at http://www.hitachi.co.jp/Prod/comp/network/notice/VU-637934.html (Japanese) [NOT VULNERABLE] Hitachi HI-UX/WE2 is NOT vulnerable to this issue. Hitachi Cable Apresia/GMX/HSW series are NOT vulnerable to this issue. More details are available at http://www.hitachi-cable.co.jp/infosystem/security/hcvu0002.stm (Japanese)
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 18, 2005
Affected
Changes made during the development of Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and the MS05-019 security update eliminated this vulnerability. If you have installed any of these updates, you are protected from this vulnerability and no further action is required. See http://www.microsoft.com/technet/security/advisory/899480.mspx for more information about this issue.
The vendor has not provided us with any further information regarding this vulnerability.
Please refer to http://www.microsoft.com/technet/security/advisory/899480.mspx and http://www.microsoft.com/technet/security/advisory/899480.mspx
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 17, 2005
Not Affected
sent on May 17, 2005 * NEC products are NOT susceptible to this vulnerability. - We continue to check our products.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 17, 2005
Not Affected
The Linux Kernel implements a check "(B')" as specified in the document. Therefore, the Linux Kernel TCP implementation is not vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 16, 2005
Not Affected
NextHop Technologies does not provide an implementation of TCP; therefore NextHop software is not vulnerable to this issue.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 24, 2005
Unknown
Nortel has posted Security Advisory Bulletin no. 2005005916 addressing the TCP Timestamps issue at http://nortel.com/securityadvisories
The vendor has not provided us with any further information regarding this vulnerability.
Please see http://www116.nortelnetworks.com/pub/repository/CLARIFY/DOCUMENT/2005/20/019115-01.pdf
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 18, 2005
Affected
A patch for OpenBSD 3.6 and previous releases is available at http://openbsd.org/errata36.html#tcp OpenBSD 3.7, being released on May 19, is not vulnerable because it contains the fix.
The vendor has not provided us with any further information regarding this vulnerability.
Please see http://www.openbsd.org/errata.html#rtt and http://openbsd.org/errata36.html#tcp [Note the CERT/CC has not verified the contents of the Vendor Statement above.]
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 19, 2005
Affected
Impact of CERT® Advisory VU#637934 on Redback Products Vulnerability Description: Systems with persistent TCP connections might be affected by this vulnerability. The TCP Timestamps option (RFC1323) is deployed widely. There is a variant of the TCP Timestamps option, which would supposedly be more prevalent than the standard algorithm. The variant, however, has a vulnerability which allows malicious, off-path third parties to stall TCP connections. More details on this vulnerability can be found at the CERT website. (www.cert.org) Impacted Redback Products: NONE of Redback SmartEdge 400, 800 Routers; Redback SmartEdge 400, 800 Service Gateway Systems are impacted by this issue. NONE of the products of SMS product-line are affected by this issue Why Redback products are not affected: The TCP/IP stack on both of Redback product-lines already implements all validation procedures outlined in the CERT advisory before a packet is accepted and the session timestamp updated. Consequently, TCP applications on Redback products are not vulnerable to this attack. Recommended Best Practice to Guard Against TCP Attacks: While there is no way a network operator can completely defend against various vulnerabilities and hacker attacks, Redback Networks products already implement many mechanisms to guard against such attacks. Some examples include: · MD5 authentication for TCP · IP source address validation on any subscriber circuit, so no subscriber terminated on the box can participate in this type of attack. Vulnerability Resolution: NOT Required on this since Redback product-lines are not affected. For further assistance or information regarding this topic contact the Redback Networks Technical Assistance Center (TAC). TAC is prepared to provide worldwide support for security workarounds that address this issue. There are several known workarounds that can significantly reduce this exposure. The Redback domestic TAC number is (877) 733 2225 and International TAC phone number is 31-104987777. Redback TAC will provide detailed information to our worldwide systems engineers and focal engineers to assist customers in configuring these workarounds.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: August 23, 2005
Not Affected
Red Hat Enterprise Linux is not vulnerable to this issue.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: April 11, 2005
Not Affected
Not Vulnerable All versions of the Sidewinder(r) v5.x Firewall and Sidewinder G2(r) Security Appliance use one of the implementations recommended for mitigation of this attack. Sidewinder and Sidewinder G2 also support IPsec, allowing a complete workaround for the attack when required. No patches or updates are required.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: April 11, 2005
Not Affected
Solaris is not vulnerable to this issue
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: April 15, 2005
Not Affected
Watchguard's curent assessment is that we are not affected by this issue.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: May 18, 2005
Unknown
Wind River customers should access www.windriver.com to determine the potential vulnerability of their product and download an update.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Updated: May 26, 2005
Affected
YAMAHA products are Vulnerable. Vendor comment: We provide the information on this issue. http://www.rtpro.yamaha.co.jp/RT/FAQ/TCPIP/VU637934.html (Japanese).
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
Notified: March 09, 2005 Updated: March 09, 2005
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.