Multiple Vendor TCP Timestamp Vulnerability

Pavel Kankovsky peak at argo.troja.mff.cuni.cz
Mon May 30 21:50:48 UTC 2005


On Fri, 27 May 2005, John Dalbec wrote:

> Does this affect us?  The CERT Advisory has "unknown" for all the Linux
> vendors.

It has "Not Vulnerable" for Netfilter. Netfilter's "Vendor Statement"
(see http://www.kb.cert.org/vuls/id/JGEI-6ABPN4) says "The Linux Kernel 
implements a check "(B')" as specified in the document. Therefore, the 
Linux Kernel TCP implementation is not vulnerable." I looked at the code 
myself and as far as I can say, Linux does not store TS values from 
out-of-window TCP packets.

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."




More information about the fedora-legacy-list mailing list