Multiple Vendor TCP Timestamp Vulnerability
Pavel Kankovsky
peak at argo.troja.mff.cuni.cz
Mon May 30 21:50:48 UTC 2005
On Fri, 27 May 2005, John Dalbec wrote:
> Does this affect us? The CERT Advisory has "unknown" for all the Linux
> vendors.
It has "Not Vulnerable" for Netfilter. Netfilter's "Vendor Statement"
(see http://www.kb.cert.org/vuls/id/JGEI-6ABPN4) says "The Linux Kernel
implements a check "(B')" as specified in the document. Therefore, the
Linux Kernel TCP implementation is not vulnerable." I looked at the code
myself and as far as I can say, Linux does not store TS values from
out-of-window TCP packets.
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
More information about the fedora-legacy-list
mailing list