Project

General

Profile

Actions
Copy link

Bug #3844

closed

tcp: possible bypass with TCP ssn reuse

Added by Victor Julien about 5 years ago. Updated 8 days ago.

Status:
Closed
Priority:
Normal
Assignee:
Victor Julien
Target version:
8.0.1
Affected Versions:
8.0.0
Effort:
Difficulty:
Label:

Description

Scenario:

client: TCP SYN packet 1
server: RST with 'broken ACK' (so ACK field non-zero while ACK flag not set)
client: TCP SYN packet 2
...

The 2nd SYN packet is not considered for TCP ssn reuse as the "state" of the session is not progressed enough.

So the SYNs with their odd RSTs seem to trigger a condition where the apparently valid session following it is not picked up.

Subtasks 1 (0 open1 closed)

Bug #7876: tcp: possible bypass with TCP ssn reuse (7.0.x backport)ClosedVictor JulienActions
Actions
Copy link

Also available in: Atom PDF