[Dshield] Vulnerability Issues in TCP

Peter Stendahl-Juvonen peter.stendahl-juvonen at welho.com
Thu Apr 22 15:05:54 GMT 2004


list-bounces at lists.dshield.org wrote on Thursday, April 22,
2004 1:44 PM UTC+3 on behalf of Pete Cap

| 
| Someone please correct me if I'm wrong, but,
| notwithstanding the AP news stories about this
| "vulnerability," is this not a problem with the
| IMPLEMENTATION of TCP rather than a problem with the
| underlying protocol itself?
| 


Pete et al.

IMHO, the vulnerability is in TCP.

   - Multiple systems affected by vulnerability in TCP -

US-CERT/CC has published, at
http://www.us-cert.gov/cas/techalerts/TA04-111A.html, an advisory about a vulnerability in TCP that
could allow a malicious user to carry out denial of service attacks.

This is a serious problem, as multiple implementations of the BGP (Border Gateway Protocol) rely on
TCP to maintain permanent unauthenticated network sessions. Therefore, the vulnerability detected
could allow remote attackers to terminate network sessions.

Although BGP (designed to exchange information between routers and other devices) has been
identified as vulnerable, the problem could affect any other protocol or service that relies on
persistent TCP connections.

Some manufacturers, such as Cisco (*), have already published advisories about the impact of this
vulnerability on their systems.

As a workaround, users are recommended to implement and use cryptographically secure protocols.
Similarly, users are advised to keep informed about the updates published by the manufacturers of
affected products.

(*) The advisories published by Cisco are available at:
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml



-   US-CERT/CC   -

Vulnerabilities in TCP

Systems Affected

    * Systems that rely on persistent TCP connections, for example routers supporting BGP

Overview

Most implementations of the Border Gateway Protocol (BGP) rely on the Transmission Control Protocol
(TCP) to maintain persistent unauthenticated network sessions. There is a vulnerability in TCP, which
allows remote attackers to terminate network sessions. Sustained exploitation of this vulnerability
could lead to a denial of service condition; in the case of BGP systems, portions of the Internet
community may be affected. Routing operations would recover quickly after such attacks ended.

http://www.us-cert.gov/cas/techalerts/TA04-111A.html


HTH,
- Pete


         "Take nothing on its looks: take everything on evidence. 
                           There's no better rule."
         Charles Dickens (1812-1870); English novelist, dramatist.




