Lucene search

K
f5F5F5:K3126
HistoryApr 04, 2014 - 12:00 a.m.

K3126 : Large TCP window sizes may make it easier to predict sequence numbers vulnerability CVE-2004-0230

2014-04-0400:00:00
my.f5.com
329

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.3%

Security Advisory Description

Note: For information about signing up to receive security notice updates from F5, refer to K9970: Subscribing to email notifications regarding F5 products.Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5 security vulnerability response policy.F5 products and versions that have been evaluated for this Security Advisory

Product Affected Not Affected
BIG-IP LTM None 9.x
10.x
11.x
BIG-IP GTM None 9.x
10.x
11.x
BIG-IP ASM None 9.x
10.x
11.x
BIG-IP Link Controller None 9.x
10.x
11.x
BIG-IP WebAccelerator None 9.x
10.x
11.x
BIG-IP PSM None 9.x
10.x
11.x
BIG-IP WAN Optimization None 10.x
11.x
BIG-IP APM None 10.x
11.x
BIG-IP Edge Gateway None 10.x
11.x
BIG-IP Analytics None 11.x
BIG-IP AFM None 11.x
BIG-IP PEM None 11.x
FirePass None 5.x
6.x
7.x
Enterprise Manager None 1.x
2.x
3.x
BIG-IQ Centralized Management None 5.x
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
This vulnerability is found in the principle design of TCP/IP itself and cannot be completely corrected without changing to an alternate protocol. The central issue in this vulnerability is that for long-lived connections, as measured in hours or days, an outside attacker could send a flurry of RST packets and cut the connection and adversely affect clients, servers, or peers.