CPNI - Centre for the Protection of National Infrastructure


Vulnerability archives

Vulnerabilities potentially affecting implementations of TCP protocol

ID: 0909-01
Ref: CERT-FI Reference FICORA #193744
Date: 8 September 2009
Version: 1.0

Title: Vulnerabilities potentially affecting implementations of TCP protocol
Abstract: Vulnerabilities in some implementations of TCP.

Vulnerabilities have been discovered in some implementations of TCP.

Targets include servers and server applications, workstations and end user applications, network devices, embedded systems and mobile devices. Attacks exploiting the vulnerabilities may result in a denial of service (DoS) and do not require significant bandwidth to be successful.

Remediation

CERT-FI, who have been coordinating this issue with Outpost24 and vendors, advise that, where possible, users patch the vulnerable software components according to the guidance published by the vendor. Where TCP stack implementations are vulnerable but vendors have not provided a patch, white-listing access to TCP services on critical systems and routers is currently the most effective means of mitigation. (An attacker must be able to establish TCP sockets to affect the target; the attacks cannot be spoofed.)
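One way to express the white-listing mitigation on a Linux host, as an added example that is not part of the CPNI or CERT-FI advisory: the function prints iptables rules that admit only listed IPv4 sources to one TCP service, so the rules can be reviewed before being applied. The function name, chain name, port and addresses are assumptions; the addresses are constructed from documentation ranges.

```shell
#!/bin/sh
# Added example: print iptables rules that restrict one TCP service to an
# allow-list of IPv4 sources. Rules are only printed, never applied here.

# emit_tcp_allowlist PORT SOURCE [SOURCE...]   (hypothetical helper name)
emit_tcp_allowlist() {
    port=$1
    # Port must be a plain integer in 1..65535.
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 1
    fi
    shift
    # An empty allow-list would drop every client, administrators included.
    if [ "$#" -eq 0 ]; then
        echo "refusing to emit rules with an empty allow-list" >&2; return 1
    fi
    # Validate every source before printing anything, so a bad entry can
    # never leave a partial rule set in the output.
    for src in "$@"; do
        case $src in
            ''|*[!0-9./]*|*/*/*) echo "invalid source: $src" >&2; return 1 ;;
        esac
    done
    chain="TCP_ALLOW_$port"   # hypothetical chain name
    echo "iptables -N $chain"
    for src in "$@"; do
        echo "iptables -A $chain -s $src -j ACCEPT"
    done
    # Unlisted sources are dropped before they can complete a TCP handshake
    # with the service, which the attacks described above depend on.
    echo "iptables -A $chain -j DROP"
    # Hook the chain into INPUT last, once it is fully populated.
    echo "iptables -I INPUT -p tcp --dport $port -j $chain"
}

# Constructed sample: SSH reachable from one admin network and one host.
emit_tcp_allowlist 22 192.0.2.0/24 198.51.100.17
```

Because the attacks require a fully established connection, source-address filtering of this kind is meaningful here in a way it would not be against spoofed traffic.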

For further details see CERT-FI's advisory:
http://cert.fi/haavoittuvuudet/2008/tcp-vulnerabilities.html
