Signature Detail

Short Name	CHAT:IRC:OVERFLOW:OPENBSD-DOS
Severity	Medium
Recommended	No
Recommended Action	Drop
Category	CHAT
Keywords	OpenBSD IRC Denial of Service
Release Date	2012/11/27
Update Number	2205
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

CHAT: OpenBSD IRC Denial of Service

This signature detects attempts to exploit a known vulnerability against OpenBSD. A successful attack can result in a denial-of-service condition.

Extended Description

The TCP stack (tcp_input.c) in OpenBSD 3.5 and 3.6 allows remote attackers to cause a denial of service (system panic) via crafted values in the TCP timestamp option, which causes invalid arguments to be used when calculating the retransmit timeout.

Affected Products

openbsd 2.0
openbsd 2.1
openbsd 2.2
openbsd 2.3
openbsd 2.4
openbsd 2.5
openbsd 2.6
openbsd 2.7
openbsd 2.8
openbsd 2.9
openbsd 3.0
openbsd 3.1
openbsd 3.2
openbsd 3.3
openbsd 3.4
openbsd 3.5
openbsd 3.6

References

BugTraq: 12250
CVE: CVE-2005-0740

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

CHAT: OpenBSD IRC Denial of Service

Extended Description

Affected Products

References