[56873] in North American Network Operators' Group
VU#464113 - TCP/IP implementations handle unusual flag combinations
daemon@ATHENA.MIT.EDU (Ian Finlay)
Thu Mar 20 12:46:24 2003
Date: Thu, 20 Mar 2003 12:45:12 -0500 (EST)
From: Ian Finlay <iaf@cert.org>
To: nanog@merit.edu
Errors-To: owner-nanog-outgoing@merit.edu
Hello,
This may be old news to many, but I wanted to follow-up to the message I
sent last October on this subject:
<http://www.merit.edu/mail.archives/nanog/2002-10/msg00519.html>
We have now published information about this issue here:
<http://www.kb.cert.org/vuls/id/464113>
We also have a few reports of possible exploitation.
If you have feedback, please send mail to cert@cert.org with VU#464113 in
the subject header.
Thanks to the NANOG community for prior feedback on this issue.
Regards,
Ian
Ian Finlay
Internet Systems Security Analyst - CERT/CC Operations
Networked Systems Survivability Program
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
CERT (R) Coordination Center Email: cert@cert.org
Software Engineering Institute WWW: http://www.cert.org
Carnegie Mellon University Hotline: +1-412-268-7090
Pittsburgh, PA USA 15213-3890 FAX: +1-412-268-6989
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
