Description
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
Affected products
- Juniper / junos12.1x44 β 12.1x44
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4 β 11.4
- Juniper / junos11.4r13 β 11.4r13
- Juniper / junos11.4x27 β 11.4x27
- Juniper / junos12.1 β 12.1
- Juniper / junos12.1r β 12.1r
- Juniper / junos12.1x44 β 12.1x44
- Juniper / junos12.1x44 β 12.1x44
- Juniper / junos12.1x44 β 12.1x44
- Juniper / junos12.1x44 β 12.1x44
- Juniper / junos11.4
- Juniper / junos12.1x44 β 12.1x44
- Juniper / junos12.1x44 β 12.1x44
- Juniper / junos12.1x45 β 12.1x45
- Juniper / junos12.1x45 β 12.1x45
- Juniper / junos12.1x45 β 12.1x45
- Juniper / junos12.1x45 β 12.1x45
- Juniper / junos12.1x46 β 12.1x46
- Juniper / junos12.1x46 β 12.1x46
- Juniper / junos12.1x46 β 12.1x46
- Juniper / junos12.1x47 β 12.1x47
- Juniper / junos12.2 β 12.2
- Juniper / junos12.2 β 12.2
- Juniper / junos12.2 β 12.2
- Juniper / junos12.2 β 12.2
- Juniper / junos12.2 β 12.2
- Juniper / junos12.2 β 12.2
- Juniper / junos12.2 β 12.2
- Juniper / junos12.2 β 12.2
- Juniper / junos12.3 β 12.3
- Juniper / junos12.3 β 12.3
- Juniper / junos12.3 β 12.3
- Juniper / junos12.3 β 12.3
- Juniper / junos12.3 β 12.3
- Juniper / junos12.3 β 12.3
- Juniper / junos13.1 β 13.1
- Juniper / junos13.1 β 13.1
- Juniper / junos13.1 β 13.1
- Juniper / junos13.1 β 13.1
- Juniper / junos13.2 β 13.2
- Juniper / junos13.2 β 13.2
- Juniper / junos13.2 β 13.2
- Juniper / junos13.2 β 13.2
- Juniper / junos13.3 β 13.3
- Juniper / junos13.3 β 13.3
- McAfee / Network Data Loss Prevention9.2.0 β 9.2.0
- McAfee / Network Data Loss Prevention8.6
- McAfee / Network Data Loss Prevention9.2.2 β 9.2.2
- McAfee / Network Data Loss Prevention9.2.1 β 9.2.1
- Microsoft / windows_2000
- Microsoft / windows_2000
- Microsoft / windows_98
- Microsoft / windows_98se
- Microsoft / windows_server_2003
- Microsoft / windows_server_2003
- Microsoft / windows_server_2003
- Microsoft / windows_server_2003
- Microsoft / windows_xp
- Microsoft / windows_xp
- Microsoft / windows_xp
- Microsoft / windows_xp
- NetBSD / netbsd1.5.2 β 1.5.2
- NetBSD / netbsd1.5 β 1.5
- NetBSD / netbsd1.5.1 β 1.5.1
- NetBSD / netbsd1.5.3 β 1.5.3
- NetBSD / netbsd1.6 β 1.6
- NetBSD / netbsd1.6.1 β 1.6.1
- NetBSD / netbsd1.6.2 β 1.6.2
- NetBSD / netbsd2.0 β 2.0
- openpgp / openpgp2.6.2 β 2.6.2
- oracle / solaris10 β 10
- oracle / solaris11 β 11
- xinuos / openserver5.0.7 β 5.0.7
- xinuos / openserver5.0.6 β 5.0.6
- xinuos / unixware7.1.1 β 7.1.1
- xinuos / unixware7.1.3 β 7.1.3
References
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508
- MISChttp://www.us-cert.gov/cas/techalerts/TA04-111A.html
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711
- MAILING_LISThttp://marc.info/?l=bugtraq&m=108302060014745&w=2
- MISChttp://www.securityfocus.com/archive/1/449179/100/0/threaded
- MISChttp://www.uniras.gov.uk/vuls/2004/236929/index.htm
- MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064
- VENDOR_ADVISORYhttp://secunia.com/advisories/11440
- MISChttp://kb.juniper.net/JSA10638
- MISChttps://kc.mcafee.com/corporate/index?page=content&id=SB10053
- VENDOR_ADVISORYhttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
- MISChttp://www.kb.cert.org/vuls/id/415294
- MAILING_LISThttp://marc.info/?l=bugtraq&m=108506952116653&w=2
- MISCftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt
- VENDOR_ADVISORYftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc
- MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019
- MISChttp://www.securityfocus.com/archive/1/449179/100/0/threaded
- VENDOR_ADVISORYhttp://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml
- MISCftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt
- MISChttp://www.securityfocus.com/bid/10183
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791
- MISCftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/15886
- MISChttp://www.osvdb.org/4030
- VENDOR_ADVISORYhttp://secunia.com/advisories/22341
- VENDOR_ADVISORYftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/3983
- VENDOR_ADVISORYhttp://secunia.com/advisories/11458