[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Multiple Vendor TCP Timestamp Vulnerability

From: "Pavel Kankovsky" <peak argo troja mff cuni cz>
To: Discussion of the Fedora Legacy Project <fedora-legacy-list redhat com>
Subject: Re: Multiple Vendor TCP Timestamp Vulnerability
Date: Mon, 30 May 2005 23:50:48 +0200 (CEST)

On Fri, 27 May 2005, John Dalbec wrote:

> Does this affect us?  The CERT Advisory has "unknown" for all the Linux
> vendors.

It has "Not Vulnerable" for Netfilter. Netfilter's "Vendor Statement"
(see http://www.kb.cert.org/vuls/id/JGEI-6ABPN4) says "The Linux Kernel 
implements a check "(B')" as specified in the document. Therefore, the 
Linux Kernel TCP implementation is not vulnerable." I looked at the code 
myself and as far as I can say, Linux does not store TS values from 
out-of-window TCP packets.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

References:
- Multiple Vendor TCP Timestamp Vulnerability
  - From: John Dalbec

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]