Crafted TCP Packet - Advisory ID: cisco-sa-20070124-crafted-tcp

Unanswered Question
Apr 23rd, 2007

Workaround shows ACL on an interface. Will ACL on VTY line to protect TELNET/SSH also work?

Also, how about ACL on ip HTTP command, and BGP ? Will this prevent this vulnerability?

"Although this is an issue with TCP, it is not required to complete the TCP 3-way handshake in order for the memory leak to be triggered. Therefore, TCP packets with a spoofed source address may trigger the leak."

Doesn't need TCP 3way handshake, I take it that VTY acl will prob not work then?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion