| VID |
12056 |
| Severity |
40 |
| Port |
|
| Protocol |
TCP |
| Class |
Protocol |
| Detailed Description |
The machine appears to be crashed by the flooding attack using the 'stream.c' attack. The stream.c attack is a denial of service attack designed to crash an affected system. By sending a flood of spoofed TCP packets with the ACK flag set to random destination ports, a remote attacker could crash certain vulnerable host, or prevent your network from working properly.
* References:
http://www.iss.net/security_center/alerts/advise48.php
http://online.securityfocus.com/archive/1/42729
http://online.securityfocus.com/archive/1/42723
* Platforms Affected:
Any application Any version |
| Recommendation |
For FreeBSD:
Upgrade to the latest version of FreeBSD (4.3 or later), available from FreeBSD official web site at http://www.freebsd.org .
For Check Point Software Firewall-1 3.0, 4.0:
Re-configure your affected device appropriately or apply the patch for this flaw, as listed in SecurityFocus Web site at http://www.securityfocus.com/bid/549/solution/
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-1999-0770 (CVE) |
| Related URL |
549 (SecurityFocus) |
| Related URL |
4485 (ISS) |
|
