TCP: Microsoft Windows TCP Stack Zero Window Size Denial Of Service

This signature detects attempts to exploit a known vulnerability in the Microsoft Windows TCP/IP stack. A successful attack can result in a denial-of-service condition. This is an old issue; newer versions are unaffected by this vulnerability.

Extended Description

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

Affected Products

Oracle Solaris

References

CVE: CVE-2008-4609

Short Name: TCP:OPTERR:MS-ZERO-WINDOW-SIZE
Severity: Minor
Recommended: False
Recommended Action: Drop
Category: TCP
Keywords: CVE-2008-4609 Denial Microsoft Of Service Size Stack TCP Window Windows Zero
Release Date: 01/07/2013
Supported Platforms

srx-branch-12.3

srx-branch-19.3

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vmx-19.4

mx-12.3

vsrx3bsd-19.2

mx-19.3

mx-19.4

vmx-19.3

vsrx-12.3

srx-19.3

vsrx-19.4

vsrx-19.2

srx-12.3

Sigpack Version: 3590
False Positive: Unknown
Vendors

Cisco

TrustedBSD

Oracle

MidnightBSD

FreeBSD

Linux

BSD

OpenBSD

NetBSD

BSDI

Microsoft

DragonFly BSD

CVSS Score

7.1
