Date: Wed, 30 May 2012 20:25:23 +0200
From: Florian Weimer <fw@...eb.enyo.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request -- kernel: tcp: drop SYN+FIN messages

* John Haxby:

> Recently we have a couple of queries relating to a Nessus "TCP/IP
> SYN+FIN Packet Filtering Weakness". This has not been helped by the
> fact that [1] actually points (indirectly) to CVE-2002-2438 which is
> actually a SYN+RST problem.

Reading the discussion here,

  <http://comments.gmane.org/gmane.linux.network/213981>

it seems to me that this is just a performance optimization which
could be bypassed by using different flags, so I don't think there's a
vulnerability or fix here, except the general lack of source IP
address validation in IP networks.
