INFORMATION

Name : CVE-2008-4609 First Publication : 2008-10-20
Severity : High Last Modification : 2009-01-06

SCORING CVSS v2

Cvss Base Score : 7.1 Attack Range : Network
Cvss Impact Score : 6.9 Attack Complexity : Medium
Cvss Expoit Score : 8.6 Authentification : None Required

DETAIL

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.Please see also:
http://blog.robertlee.name/2008/10/more-detailed-response-to-gordons-post.html

and

http://www.curbrisk.com/security-blog/robert-e-lee-discusses-tcp-denial-service-vulnerability-sc-magazine.html


MORE INFORMATIONS

If you login, you will see more informations about this alert including :

1 CWE ID(s)
2550 CPE ID(s)
6 Secondary sources

Your browser must accept cookie for login.

Login : Password: Captcha :
Remember me ?
if you can not read it, please refresh the page

If you don't have a login, register for FREE.