Actions
Security #4504
closedtcp: Evasion possibility on wrong/unexpected ACK value in crafted SYN packets
Git IDs:
0d81173d6e912f4be9e3e8f7593d779d8ffed52f
556570f7dd7f21f11cffda5ebcb72738a29cbb90
2c8c043185a4700b042d2154f5076f1c82e5394b
Severity:
CRITICAL
Disclosure Date:
Description
affected versions: all
Please see the pcap attached.
Basically it logs no HTTP even with midstream enabled.
The problem is the first packet right away as it has ACK value that we check and disregard the whole flow/session.But Windows and Linux accept those and everyone else it seems.
Please also see attached a test case(py file) and a patch by Eric.
The pcap can not be shared or made public except of the devs with access to this issue of course.
Files
Updated by Victor Julien almost 3 years ago
- Tracker changed from Bug to Security
- Priority changed from Normal to High
Updated by Victor Julien almost 3 years ago
- Label Needs backport to 5.0, Needs backport to 6.0 added
Updated by Victor Julien almost 3 years ago
- File deleted (
small-eth1-TLPRED.pcap)
Updated by Jeff Lucovsky almost 3 years ago
- Copied to Security #4512: Evasion possibility on wrong/unexpected ACK value in crafted SYN packets added
Updated by Jeff Lucovsky almost 3 years ago
- Copied to Security #4513: Evasion possibility on wrong/unexpected ACK value in crafted SYN packets added
Updated by Victor Julien almost 3 years ago
- Status changed from New to In Progress
- Assignee set to Eric Leblond
- Target version set to 7.0.0-beta1
- CVE set to 2021-35063
Updated by Victor Julien almost 3 years ago
- Status changed from In Progress to Closed
- Priority changed from High to Normal
- Git IDs updated (diff)
Updated by Victor Julien over 2 years ago
- Subject changed from Evasion possibility on wrong/unexpected ACK value in crafted SYN packets to tcp: Evasion possibility on wrong/unexpected ACK value in crafted SYN packets
Actions