certfr_avis - CERTA-2009-AVI-372

CERTA-2009-AVI-372

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans l'implémentation de TCP/IP sous Microsoft Windows permettent d'exécuter du code arbitraire ou de réaliser un déni de service à distance.

Description

De multiples vulnérabilités ont été découvertes dans l'implémentation de TCP/IP sous Microsoft Windows :

un déni de service à distance est possible dû à la façon dont Microsoft Windows gère un nombre excessif de connexions TCP. Cette vulnérabilité est amplifiée lorsque la taille de la fenêtre a une valeur proche de 0 (CVE-2008-4609) ;
une exécution de code arbitraire à distance est possible car la pile TCP/IP de Microsoft Windows ne nettoie pas correctement les informations d'état (CVE-2009-1925) ;
un déni de service à distance est possible du fait d'une erreur dans la gestion des paquets ayant une taille de fenêtre proche de 0 (CVE-2009-1926).

Solution

Se référer au bulletin de sécurité Microsoft MS09-048 pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Microsoft	Windows	Microsoft Windows 2003 x64 Edition Service Pack 2 ;
Microsoft	Windows	Microsoft Windows Vista Service Pack 1 ;
Microsoft	Windows	Microsoft Windows Vista x64 Edition Service Pack 2 ;
Microsoft	Windows	Microsoft Windows Vista ;
Microsoft	Windows	Microsoft Windows Server 2008 for x64-based Systems ;
Microsoft	Windows	Microsoft Windows 2003 with SP2 for Itanium-based Systems ;
Microsoft	Windows	Microsoft Windows Vista Service Pack 2 ;
Microsoft	Windows	Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 ;
Microsoft	Windows	Microsoft Windows Vista x64 Edition Service Pack 1 ;
Microsoft	Windows	Microsoft Windows Server 2008 for Itanium-based Systems ;
Microsoft	Windows	Microsoft Windows Vista x64 Edition ;
Microsoft	Windows	Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 ;
Microsoft	Windows	Microsoft Windows Server 2008 for 32-bit Systems ;
Microsoft	Windows	Microsoft Windows 2003 Service Pack 2 ;
Microsoft	Windows	Microsoft Windows Server 2008 for Itanium-based Systems Service Pack 2.
Microsoft	Windows	Microsoft Windows 2000 Service Pack 4 ;

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft MS09-048 du 08 septembre 2009	None	vendor-advisory
Bulletin de sécurité Microsoft MS09-048 du 08 septembre 2009 :	-	other
Bulletin de sécurité Microsoft MS09-048 du 08 septembre 2009 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Windows 2003 x64 Edition Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista x64 Edition Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2008 for x64-based Systems ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2003 with SP2 for Itanium-based Systems ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista x64 Edition Service Pack 1 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2008 for Itanium-based Systems ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Vista x64 Edition ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2008 for 32-bit Systems ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2003 Service Pack 2 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows Server 2008 for Itanium-based Systems Service Pack 2.",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Windows 2000 Service Pack 4 ;",
      "product": {
        "name": "Windows",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDe multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans l\u0027impl\u00e9mentation de\nTCP/IP sous Microsoft Windows :\n\n-   un d\u00e9ni de service \u00e0 distance est possible d\u00fb \u00e0 la fa\u00e7on dont\n    Microsoft Windows g\u00e8re un nombre excessif de connexions TCP. Cette\n    vuln\u00e9rabilit\u00e9 est amplifi\u00e9e lorsque la taille de la fen\u00eatre a une\n    valeur proche de 0 (CVE-2008-4609) ;\n-   une ex\u00e9cution de code arbitraire \u00e0 distance est possible car la pile\n    TCP/IP de Microsoft Windows ne nettoie pas correctement les\n    informations d\u0027\u00e9tat (CVE-2009-1925) ;\n-   un d\u00e9ni de service \u00e0 distance est possible du fait d\u0027une erreur dans\n    la gestion des paquets ayant une taille de fen\u00eatre proche de 0\n    (CVE-2009-1926).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 Microsoft MS09-048 pour l\u0027obtention\ndes correctifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-1926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1926"
    },
    {
      "name": "CVE-2008-4609",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-4609"
    },
    {
      "name": "CVE-2009-1925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-1925"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-048 du 08 septembre    2009 :",
      "url": "http://www.microsoft.com/france/technet/security/Bulletin/MS09-048.mspx"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-048 du 08 septembre    2009 :",
      "url": "http://www.microsoft.com/technet/security/Bulletin/MS09-048.mspx"
    }
  ],
  "reference": "CERTA-2009-AVI-372",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-09-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans l\u0027impl\u00e9mentation de TCP/IP sous \u003cspan\nclass=\"textit\"\u003eMicrosoft Windows\u003c/span\u003e permettent d\u0027ex\u00e9cuter du code\narbitraire ou de r\u00e9aliser un d\u00e9ni de service \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans TCP/IP sous Windows",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft MS09-048 du 08 septembre 2009",
      "url": null
    }
  ]
}

CVE-2009-1925 (GCVE-0-2009-1925)

Vulnerability from cvelistv5 – Published: 2009-09-08 22:00 – Updated: 2024-08-07 05:27

Summary

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka "TCP/IP Timestamps Code Execution Vulnerability."

Severity ?

No CVSS data available.

CWE

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.us-cert.gov/cas/techalerts/TA09-251A.html	third-party-advisoryx_refsource_CERT
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:27:54.873Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:6374",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6374"
          },
          {
            "name": "TA09-251A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
          },
          {
            "name": "MS09-048",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka \"TCP/IP Timestamps Code Execution Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:6374",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6374"
        },
        {
          "name": "TA09-251A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
        },
        {
          "name": "MS09-048",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-1925",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly manage state information, which allows remote attackers to execute arbitrary code by sending packets to a listening service, and thereby triggering misinterpretation of an unspecified field as a function pointer, aka \"TCP/IP Timestamps Code Execution Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:6374",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6374"
            },
            {
              "name": "TA09-251A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
            },
            {
              "name": "MS09-048",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-1925",
    "datePublished": "2009-09-08T22:00:00",
    "dateReserved": "2009-06-04T00:00:00",
    "dateUpdated": "2024-08-07T05:27:54.873Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-1926 (GCVE-0-2009-1926)

Vulnerability from cvelistv5 – Published: 2009-09-08 22:00 – Updated: 2024-10-17 18:29

Summary

Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the FIN-WAIT-1 or FIN-WAIT-2 state indefinitely, aka "TCP/IP Orphaned Connections Vulnerability."

Severity ?

No CVSS data available.

CWE

Assigner

microsoft

References

URL

Tags

	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.recurity-labs.com/content/pub/Microsof…	x_refsource_MISC
	http://www.securityfocus.com/bid/36269	vdb-entryx_refsource_BID
	http://osvdb.org/57797	vdb-entryx_refsource_OSVDB
	http://www.us-cert.gov/cas/techalerts/TA09-251A.html	third-party-advisoryx_refsource_CERT
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://www.securityfocus.com/archive/1/506331/100…	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:27:54.788Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:5965",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5965"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.recurity-labs.com/content/pub/Microsoft_Windows_CVE-2009-1926"
          },
          {
            "name": "36269",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36269"
          },
          {
            "name": "57797",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/57797"
          },
          {
            "name": "TA09-251A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
          },
          {
            "name": "MS09-048",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
          },
          {
            "name": "20090909 TCP/IP Orphaned Connections Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/506331/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2009-1926",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-01-11T16:45:37.416398Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-17T18:29:15.515Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-09-08T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the FIN-WAIT-1 or FIN-WAIT-2 state indefinitely, aka \"TCP/IP Orphaned Connections Vulnerability.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:5965",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5965"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.recurity-labs.com/content/pub/Microsoft_Windows_CVE-2009-1926"
        },
        {
          "name": "36269",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36269"
        },
        {
          "name": "57797",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/57797"
        },
        {
          "name": "TA09-251A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
        },
        {
          "name": "MS09-048",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
        },
        {
          "name": "20090909 TCP/IP Orphaned Connections Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/506331/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2009-1926",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to cause a denial of service (TCP outage) via a series of TCP sessions that have pending data and a (1) small or (2) zero receive window size, and remain in the FIN-WAIT-1 or FIN-WAIT-2 state indefinitely, aka \"TCP/IP Orphaned Connections Vulnerability.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:5965",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5965"
            },
            {
              "name": "http://www.recurity-labs.com/content/pub/Microsoft_Windows_CVE-2009-1926",
              "refsource": "MISC",
              "url": "http://www.recurity-labs.com/content/pub/Microsoft_Windows_CVE-2009-1926"
            },
            {
              "name": "36269",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36269"
            },
            {
              "name": "57797",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/57797"
            },
            {
              "name": "TA09-251A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
            },
            {
              "name": "MS09-048",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
            },
            {
              "name": "20090909 TCP/IP Orphaned Connections Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/506331/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2009-1926",
    "datePublished": "2009-09-08T22:00:00",
    "dateReserved": "2009-06-04T00:00:00",
    "dateUpdated": "2024-10-17T18:29:15.515Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-4609 (GCVE-0-2008-4609)

Vulnerability from cvelistv5 – Published: 2008-10-20 17:00 – Updated: 2024-08-07 10:24

Summary

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://blog.robertlee.name/2008/10/conjecture-spe…	x_refsource_MISC
	https://www.cert.fi/haavoittuvuudet/2008/tcp-vuln…	x_refsource_MISC
	http://marc.info/?l=bugtraq&m=125856010926699&w=2	vendor-advisoryx_refsource_HP
	http://lists.immunitysec.com/pipermail/dailydave/…	mailing-listx_refsource_MLIST
	http://insecure.org/stf/tcp-dos-attack-explained.html	x_refsource_MISC
	http://www.outpost24.com/news/news-2008-10-02.html	x_refsource_MISC
	http://www.cpni.gov.uk/Docs/tn-03-09-security-ass…	x_refsource_MISC
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://www.us-cert.gov/cas/techalerts/TA09-251A.html	third-party-advisoryx_refsource_CERT
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	https://docs.microsoft.com/en-us/security-updates…	vendor-advisoryx_refsource_MS
	http://searchsecurity.techtarget.com.au/articles/…	x_refsource_MISC
	https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://marc.info/?l=bugtraq&m=125856010926699&w=2	vendor-advisoryx_refsource_HP

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:24:20.677Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.robertlee.name/2008/10/conjecture-speculation.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html"
          },
          {
            "name": "HPSBMI02473",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
          },
          {
            "name": "[dailydave] 20081002 TCP Resource Exhaustion DoS Attack Speculation",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://insecure.org/stf/tcp-dos-attack-explained.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.outpost24.com/news/news-2008-10-02.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf"
          },
          {
            "name": "20090908 TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
          },
          {
            "name": "TA09-251A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
          },
          {
            "name": "20081017 Cisco Response to Outpost24 TCP State Table Manipulation Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html"
          },
          {
            "name": "MS09-048",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked"
          },
          {
            "name": "oval:org.mitre.oval:def:6340",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "SSRT080138",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-10-02T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.robertlee.name/2008/10/conjecture-speculation.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html"
        },
        {
          "name": "HPSBMI02473",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
        },
        {
          "name": "[dailydave] 20081002 TCP Resource Exhaustion DoS Attack Speculation",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://insecure.org/stf/tcp-dos-attack-explained.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.outpost24.com/news/news-2008-10-02.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf"
        },
        {
          "name": "20090908 TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
        },
        {
          "name": "TA09-251A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
        },
        {
          "name": "20081017 Cisco Response to Outpost24 TCP State Table Manipulation Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html"
        },
        {
          "name": "MS09-048",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked"
        },
        {
          "name": "oval:org.mitre.oval:def:6340",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        },
        {
          "name": "SSRT080138",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-4609",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://blog.robertlee.name/2008/10/conjecture-speculation.html",
              "refsource": "MISC",
              "url": "http://blog.robertlee.name/2008/10/conjecture-speculation.html"
            },
            {
              "name": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html",
              "refsource": "MISC",
              "url": "https://www.cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html"
            },
            {
              "name": "HPSBMI02473",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
            },
            {
              "name": "[dailydave] 20081002 TCP Resource Exhaustion DoS Attack Speculation",
              "refsource": "MLIST",
              "url": "http://lists.immunitysec.com/pipermail/dailydave/2008-October/005360.html"
            },
            {
              "name": "http://insecure.org/stf/tcp-dos-attack-explained.html",
              "refsource": "MISC",
              "url": "http://insecure.org/stf/tcp-dos-attack-explained.html"
            },
            {
              "name": "http://www.outpost24.com/news/news-2008-10-02.html",
              "refsource": "MISC",
              "url": "http://www.outpost24.com/news/news-2008-10-02.html"
            },
            {
              "name": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf",
              "refsource": "MISC",
              "url": "http://www.cpni.gov.uk/Docs/tn-03-09-security-assessment-TCP.pdf"
            },
            {
              "name": "20090908 TCP State Manipulation Denial of Service Vulnerabilities in Multiple Cisco Products",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af511d.shtml"
            },
            {
              "name": "TA09-251A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA09-251A.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
            },
            {
              "name": "20081017 Cisco Response to Outpost24 TCP State Table Manipulation Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_response09186a0080a15120.html"
            },
            {
              "name": "MS09-048",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-048"
            },
            {
              "name": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked",
              "refsource": "MISC",
              "url": "http://searchsecurity.techtarget.com.au/articles/27154-TCP-is-fundamentally-borked"
            },
            {
              "name": "oval:org.mitre.oval:def:6340",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6340"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "SSRT080138",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=125856010926699\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-4609",
    "datePublished": "2008-10-20T17:00:00",
    "dateReserved": "2008-10-20T00:00:00",
    "dateUpdated": "2024-08-07T10:24:20.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTA-2009-AVI-372

Description

Solution

CVE-2009-1925 (GCVE-0-2009-1925)

CVE-2009-1926 (GCVE-0-2009-1926)

CVE-2008-4609 (GCVE-0-2008-4609)

Tags

Sightings

Nomenclature