Blue Coat ProxySG TCP Stack PAWS Timestamp Implementation Lets Remote Users Deny Service
SecurityTracker Alert ID: 1014322
SecurityTracker URL: http://securitytracker.com/id?1014322
CVE Reference: CAN-2005-0356
Date: Jun 29 2005
Impact: Denial of service via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): SGOS prior to 3.2.5 and 4.1.2
Description: A vulnerability was reported in the TCP implementation of Blue Coat Systems ProxySG appliances. A remote user can cause denial of service conditions.
The TCP Protection Against Wrapped Sequence Numbers (PAWS) timestamps option implementation allows a remote user to send a spoofed packet with a large timer value, causing the target system to interpret subsequent packets as being too old and, as a result, to discard them. A remote user can exploit this to cause TCP connections being processed by the ProxySG appliance to be reset.
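The failure mode described above, modelled as an added example (not Blue Coat's code and not part of the original advisory): a PAWS check that stores the timestamp before validating the sequence number, beside an ordering that validates first. The struct, function names and sample values are constructed, and that the flaw lies in this ordering is an assumption of the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Receiver state for the model; all names here are hypothetical. */
struct conn {
    uint32_t rcv_nxt;   /* next expected sequence number */
    uint32_t rcv_wnd;   /* receive window size */
    uint32_t ts_recent; /* newest timestamp accepted, used by PAWS */
};

/* Modular 32-bit comparison: is timestamp a older than b? */
static bool ts_before(uint32_t a, uint32_t b) { return (int32_t)(a - b) < 0; }

/* Does seq fall inside [rcv_nxt, rcv_nxt + rcv_wnd)? */
static bool seq_in_window(const struct conn *c, uint32_t seq) {
    return (uint32_t)(seq - c->rcv_nxt) < c->rcv_wnd;
}

/* Flawed ordering: ts_recent is stored before the sequence check. */
bool accept_flawed(struct conn *c, uint32_t seq, uint32_t tsval) {
    if (ts_before(tsval, c->ts_recent)) return false; /* PAWS: too old */
    c->ts_recent = tsval;            /* poisoned even if seq is bogus */
    return seq_in_window(c, seq);
}

/* Hardened ordering: only an in-window segment may move ts_recent. */
bool accept_hardened(struct conn *c, uint32_t seq, uint32_t tsval) {
    if (ts_before(tsval, c->ts_recent)) return false;
    if (!seq_in_window(c, seq)) return false;
    c->ts_recent = tsval;
    return true;
}

typedef bool (*accept_fn)(struct conn *, uint32_t, uint32_t);
/* Constructed scenario: an out-of-window segment carrying a far-future
 * timestamp arrives, then the genuine peer's next in-order segment.
 * Returns whether the genuine segment is still accepted. */
bool genuine_survives(accept_fn accept) {
    struct conn c = { .rcv_nxt = 1000, .rcv_wnd = 65535, .ts_recent = 5000 };
    accept(&c, 900000000u, 5000u + 0x7fffffffu); /* spoofed segment */
    return accept(&c, 1000u, 5001u);             /* genuine segment */
}

int main(void) {
    printf("flawed:   genuine accepted = %d\n", genuine_survives(accept_flawed));
    printf("hardened: genuine accepted = %d\n", genuine_survives(accept_hardened));
    return 0;
}
```

With the flawed ordering the genuine segment is rejected as too old after a single spoofed segment; with the hardened ordering `ts_recent` is untouched and the connection continues.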
Impact: A remote user can cause TCP connections being processed by the ProxySG appliance to be reset.
Solution: The vendor has issued fixed versions (SG3.2.5, SG4.1.2).
As a workaround, the vendor indicates that you can disable RFC-1323 support.
For instructions, see the vendor's advisory at:
http://www.bluecoat.com/support/knowledge/advisory_tcp_can-2005-0356.html
Vendor URL: www.bluecoat.com/support/knowledge/advisory_tcp_can-2005-0356.html
Cause: State error
Message History:
None.
Source Message Contents
Date: Wed, 29 Jun 2005 01:13:26 -0400
Subject: http://www.bluecoat.com/support/knowledge/advisory_tcp_can-2005-0356.html
> Security Advisory: TCP Vulnerability CAN-2005-0356
> Severity:
> High
> Some Blue Coat Systems products are vulnerable to the attack described in
> CAN-2005-0356.