I am running ASG 9.003 ( Latest)
I run Security Space Advanced Security Addit (It is the Paid Full Scale Audit) regularly and I noticed new vulnerabilities on my machine without much changes.
I assume Security Space added some detection and now I need to fix my ASG either with patches or better configuration.
Denial of Service: TCP Sequence Number Approximation Reset Denial of Service Vulnerability
general/tcp
Overview: The host is running TCP services and is prone to denial of service
vulnerability.
Vulnerability Insight:
The flaw is triggered when spoofed TCP Reset packets are received by the
targeted TCP stack and will result in loss of availability for the attacked
TCP services.
Impact:
Successful exploitation will allow remote attackers to guess sequence numbers
and cause a denial of service to persistent TCP connections by repeatedly
injecting a TCP RST packet.
Impact Level: System
Affected Software/OS:
TCP
Fix: Please see the referenced advisories for more information on obtaining
and applying fixes.
References:
4030: TCP/IP Sequence Prediction Blind Reset Spoofing DoS
ISS X-Force Database: tcp-rst-dos(15886): TCP spoofed reset denial of service
US-CERT Alert TA04-111A - Vulnerabilities in TCP
IBM IY55949: SECURITY: TCP CONNECTIONS MAY BE RESET CAUSING A DOS - United States
IBM IY55950: SECURITY: TCP CONNECTIONS MAY BE RESET CAUSING A DOS - United States
IBM IY62006: SECURITY: TCP CONNECTIONS MAY BE RESET CAUSING A DOS - United States
Microsoft Security Bulletin MS05-019 - Critical : Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066)
Microsoft Security Bulletin MS06-064 - Important : Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service (922819)
TCP Vulnerabilities in Multiple Non-IOS Cisco Products [Products & Services] - Cisco Systems
TCP Vulnerabilities in Multiple Non-IOS Cisco Products [Products & Services] - Cisco Systems
This thread was automatically locked due to age.
