Actions
Bug #3844
closedtcp: possible bypass with TCP ssn reuse
Affected Versions:
Effort:
Difficulty:
Label:
Description
Scenario:
client: TCP SYN packet 1
server: RST with 'broken ACK' (so ACK field non-zero while ACK flag not set)
client: TCP SYN packet 2
...
The 2nd SYN packet is not considered for TCP ssn reuse as the "state" of the session is not progressed enough.
So the SYNs with their odd RSTs seem to trigger a condition where the apparently valid session following it is not picked up.
Updated by Victor Julien 10 months ago
- Target version changed from 8.0.0-beta1 to 8.0.0-rc1
Updated by Victor Julien 5 months ago
- Target version changed from 8.0.0-rc1 to 9.0.0-beta1
Updated by Victor Julien about 2 months ago
- Status changed from Assigned to In Progress
- Target version changed from 9.0.0-beta1 to 8.0.1
- Label Needs backport to 7.0 added
Updated by OISF Ticketbot about 2 months ago
- Label deleted (
Needs backport to 7.0)
Updated by Victor Julien about 2 months ago
- Status changed from In Progress to In Review
Updated by Victor Julien about 2 months ago
- Status changed from In Review to Resolved
Updated by Victor Julien about 1 month ago
- Status changed from Resolved to Closed
Actions