CERTA-2004-AVI-143

Vulnerability from certfr_avis - Published: - Updated:

Une faiblesse dans la mise en œuvre du protocole TCP (Transport Control Protocol) a été découverte.

Description

TCP (Transport Control Protocol) est un protocole réseau assurant le service de transport en mode connecté. Il est définit par la RFC 793 de l'IETF (Internet Engineering Task Force) et les extensions concernant la haute disponibilité par la RFC 1323.

Une vulnérabilité dans sa mise en œuvre permet à un individu mal intentionné d'effectuer un déni de service sur les connexions TCP préalablement établies par l'envoi de paquets TCP judicieusement formés.

Solution

Appliquer le correctif suivant le système utilisé :

  • Avis de sécurité Checkpoint :

    http://www.checkpoint.com/techsupport/alerts/tcp_dos.html

  • Avis de sécurité CISCO :

    http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml

http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml

  • Avis de sécurité #20040403-01-A de SGI :

    ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc

  • Alerte de sécurité Juniper :

    http://www.juniper.net/support/alert.html

  • Avis de sécurité NetBSD-SA2004-006 de NetBSD :

    ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc
None
Impacted products
Vendor Product Description
Cisco N/A CISCO IOS Firewall ;
N/A N/A SGI IRIX.
N/A N/A tous les pare-feux NetScreen possèdant une version de ScreenOS antérieure à 5.0R6 ;
NetBSD N/A NetBSD 1.5.x et 2.0 ;
N/A N/A tous les routeurs Juniper série M, T et E ;
Cisco N/A Toutes les versions de CISCO IOS ;
N/A N/A tous les pare-feux CheckPoint Firewall-1 antérieurs à la version R55 HFA-03 ;
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "CISCO IOS Firewall ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "SGI IRIX.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "tous les pare-feux NetScreen poss\u00e8dant une version de ScreenOS ant\u00e9rieure \u00e0 5.0R6 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "NetBSD 1.5.x et 2.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "NetBSD",
          "scada": false
        }
      }
    },
    {
      "description": "tous les routeurs Juniper s\u00e9rie M, T et E ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Toutes les versions de CISCO IOS ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "tous les pare-feux CheckPoint Firewall-1 ant\u00e9rieurs \u00e0 la version R55 HFA-03 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nTCP (Transport Control Protocol) est un protocole r\u00e9seau assurant le\nservice de transport en mode connect\u00e9. Il est d\u00e9finit par la RFC 793 de\nl\u0027IETF (Internet Engineering Task Force) et les extensions concernant la\nhaute disponibilit\u00e9 par la RFC 1323.\n\nUne vuln\u00e9rabilit\u00e9 dans sa mise en \u0153uvre permet \u00e0 un individu mal\nintentionn\u00e9 d\u0027effectuer un d\u00e9ni de service sur les connexions TCP\npr\u00e9alablement \u00e9tablies par l\u0027envoi de paquets TCP judicieusement form\u00e9s.\n\n## Solution\n\nAppliquer le correctif suivant le syst\u00e8me utilis\u00e9 :\n\n-   Avis de s\u00e9curit\u00e9 Checkpoint :\n\n        http://www.checkpoint.com/techsupport/alerts/tcp_dos.html\n\n-   Avis de s\u00e9curit\u00e9 CISCO :\n\n        http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml\n\n        http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml\n\n-   Avis de s\u00e9curit\u00e9 \\#20040403-01-A de SGI :\n\n        ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc\n\n-   Alerte de s\u00e9curit\u00e9 Juniper :\n\n        http://www.juniper.net/support/alert.html\n\n-   Avis de s\u00e9curit\u00e9 NetBSD-SA2004-006 de NetBSD :\n\n        ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc\n",
  "cves": [],
  "links": [
    {
      "title": "Bulletin #236929 du NISCC :",
      "url": "http://www.uniras.gov.uk/vuls/2004/236929/index.htm"
    },
    {
      "title": "RFC 793 Transmission Control Protocol :",
      "url": "http://www.ietf.org/rfc/rfc793.txt"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 HP HPSBTU01077 \"HP Tru64 UNIX TCP    stack remote denial of service (DoS)\" du 22 d\u00e9cembre 2004 :",
      "url": "http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBTU01077"
    },
    {
      "title": "RFC 1323 TCP Extensions for High Performance :",
      "url": "http://www.ietf.org/rfc/rfc1323.txt"
    },
    {
      "title": "Avis de s\u00e9curit\u00e9 FreeBSD du 23 avril mai 2004 :",
      "url": "http://www.vuxml.org/freebsd/"
    },
    {
      "title": "Avis de s\u00e9curit\u00e9 Novell (Netware 5.x et Netware 6.x) :",
      "url": "http://support.novell.com/cgi-bin/search/searchtid.cgi?/10092941.htm"
    }
  ],
  "reference": "CERTA-2004-AVI-143",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2004-04-26T00:00:00.000000"
    },
    {
      "description": "retrait de l\u0027avis SUN.",
      "revision_date": "2004-04-27T00:00:00.000000"
    },
    {
      "description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 FreeBSD.",
      "revision_date": "2004-05-12T00:00:00.000000"
    },
    {
      "description": "ajout de l\u0027avis de s\u00e9curit\u00e9 Novell.",
      "revision_date": "2004-05-24T00:00:00.000000"
    },
    {
      "description": "ajout r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 HP HPSBTU01077 pour Tru64 UNIX .",
      "revision_date": "2005-01-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Une faiblesse dans la mise en \u0153uvre du protocole TCP (Transport Control\nProtocol) a \u00e9t\u00e9 d\u00e9couverte.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans le protocole TCP",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Avis #236929 du NISCC",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.