Multiple vendor TCP congestion control denial of service

tcp-congestion-control-dos (23055)

Risk Level:

Medium

Description:

Multiple vendor implementations of the Transmission Control Protocol (TCP) could allow a remote attacker to cause a denial of service by sending forged acknowledgements (optimistic ACKs) for packets that the host has already sent but that the client has not yet received. Because these ACKs fall inside the host's send window, the host accepts them as evidence of successful delivery and increases the rate at which it sends packets based on the rate at which the forged ACKs arrive, which could result in network bandwidth exhaustion.

Consequences:

Denial of Service

Remedy:

No remedy available as of July 9, 2011.

References:

  • BID-15468: Multiple Vendor TCP Acknowledgements Remote Denial Of Service Vulnerability
  • CVE-2005-3675: The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by sending ACK messages for packets that have not yet been received (optimistic ACKs), which can cause the sender to increase its transmission rate until it fills available bandwidth.
  • US-CERT VU#102014: Optimistic TCP acknowledgements can cause denial of service

Platforms Affected:

  • Apple Mac OS
  • Cisco IOS
  • Compaq Tru64
  • Data General DG/UX
  • IBM OS2
  • Linux Kernel
  • Microsoft Windows 2000
  • Microsoft Windows 2003 Server
  • Microsoft Windows 95
  • Microsoft Windows 98
  • Microsoft Windows 98SE
  • Microsoft Windows Me
  • Microsoft Windows NT 4.0
  • Microsoft Windows XP
  • SCO SCO Unix
  • SGI IRIX
  • Sun Solaris
  • WindRiver BSDOS
  • HP-UX

Reported:

Nov 10, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
