Recently we've had a scanning vendor tell us our Debian Lenny 5.0.3 is vulnerable to CVE-2004-0230:

TCP/IP Sequence Prediction Blind Reset Spoofing DoS

"It may be possible to send spoofed RST packets to the remote system."

" . . . vulnerable to a sequence number approximation bug, which may allow an attacker to send spoofed RST packets to the remote host and close established connections . . . "

When I tried to look up info about it, one page lists "Linux" as vulnerable (with no additional information), and I am not able to find anything about Debian's status or relationship to it except possibly for http://www.mail-archive.com/[email protected]/msg01390.html which possibly indicates it's fixed, or someone tried to fix it in 2005.

Does anyone know anything about this? I'm needing some kind of fix or work-around so I can satisfy the scan vendor.

Thanks,

JW

--
System Administrator - Cedar Creek Software
http://www.cedarcreeksoftware.com

