SOL4743 - Inadequate validation for TCP segments CVE-2005-0356

2007-05-16T00:00:00
ID SOL4743
Type f5
Reporter f5
Modified 2016-07-25T00:00:00

Description

Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.

Information about this advisory is available at the following location:

<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0356>

F5 Product Development tracked this issue as CR46832, CR46833, and CR46834 and it was fixed in BIG-IP 9.1.0. For information about upgrading, refer to the BIG-IP LTM Release Notes.