[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Core Internet Vulnerable - News at 11:00

To: <cjclark@xxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Core Internet Vulnerable - News at 11:00
From: "Exibar" <exibar@xxxxxxxxxxx>
Date: Tue, 20 Apr 2004 15:37:03 -0400

Looks like this is the same thing:

NISCC Vulnerability Advisory 236929

Vulnerability Issues in TCP


Version Information

Advisory Reference 236929
Release Date 20 April 2004
Last Revision 20 April 2004
Version Number 1.0


What is Affected?

The vulnerability described in this advisory affects implementations of
the Transmission Control Protocol (TCP) that comply with the Internet
Engineering Task Force.s (IETF.s) Requests For Comments (RFCs) for TCP,
including RFC 793, the original specification, and RFC 1323, TCP
Extensions for High Performance.

TCP is a core network protocol used in the majority of networked computer
systems today. Many vendors include support for this protocol in their
products and may be impacted to varying degrees. Furthermore any network
service or application that relies on a TCP connection will also be
impacted, the severity depending primarily on the duration of the TCP
session.

Full Advisory
http://www.uniras.gov.uk/vuls/2004/236929/index.htm


----- Original Message ----- 
From: "Crist J. Clark" <cristjc@xxxxxxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxx>
Sent: Tuesday, April 20, 2004 1:28 PM
Subject: [Full-Disclosure] Core Internet Vulnerable - News at 11:00


> Does anyone know WTF they are trying to say in this AP article,
> "Core Internet Technology Is Vulnerable,"
>
>
http://story.news.yahoo.com/news?tmpl=story&cid=562&ncid=738&e=1&u=/ap/20040420/ap_on_hi_te/internet_threat
>
> It sounds like they are talking about a sequence number guessing
> attack on TCP BGP sessions? Sequence number prediction isn't really
> a new attack, but the story says,
>
>   "Experts previously maintained such attacks could take between
>    four years and 142 years to succeed because they require guessing
>    a rotating number from roughly 4 billion possible combinations.
>    Watson said he can guess the proper number with as few as four
>    attempts, which can be accomplished within seconds."
>
> Hmmm... Four attempts... And the story makes it sound like a
> cross-platform attack, not a bug in a particular OS's ISN generation.
> FUD or is there something here?
> -- 
> Crist J. Clark                     |     cjclark@xxxxxxxxxxxx
>                                    |     cjclark@xxxxxxx
> http://people.freebsd.org/~cjc/    |     cjc@xxxxxxxxxxx
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Core Internet Vulnerable - News at 11:00
  - From: james

References:
- [Full-Disclosure] Core Internet Vulnerable - News at 11:00
  - From: Crist J. Clark

Prev by Date: RE: [Full-Disclosure] Core Internet Vulnerable - News at 11:00
Next by Date: Re: [Full-Disclosure] Passwords for Chocolate!
Previous by thread: [Full-Disclosure] Core Internet Vulnerable - News at 11:00
Next by thread: Re: [Full-Disclosure] Core Internet Vulnerable - News at 11:00
Index(es):
- Date
- Thread