TCP: C2S Old Packet Old Timestamp in 3WH ACK

This protocol anomaly triggers when an ACK packet in the three-way handshake carries a timestamp that is older than a previously recorded timestamp (as specified by RFC 1323). Because the receiving host can interpret these ambiguous packets in different, unpredictable ways, it is recommended to drop them.

Extended Description

The Microsoft Windows TCP/IP protocol implementation is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful attacks will completely compromise affected computers.

Affected Products

Avaya messaging_application_server, Microsoft windows_vista

Short Name
TCP:AUDIT:OLD-3WH-ACK
Severity
Minor
Recommended
False
Recommended Action
None
Category
TCP
Keywords
CVE-2009-1925 ms09-048
Release Date
08/27/2003
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
Avaya

CVSS Score
10.0
