Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 DOS:MULTIVENDOR-TCP-TIMESTAMP

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 DOS

Keywords

 Multi Vendor TCP Timestamp Option Denial of Service

Release Date

 2012/11/26

Update Number

 2205

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

DOS: Multi Vendor TCP Timestamp Option Denial of Service


This signature detects attempts to exploit a known vulnerability against TCP implementations of multiple vendors. A successful attack can result in a denial-of-service condition.

Extended Description

A denial-of-service vulnerability exists for the TCP RFC 1323. The issue resides in the Protection Against Wrapped Sequence Numbers (PAWS) technique that was included to increase overall TCP performance. When TCP 'timestamps' are enabled, both hosts at the endpoints of a TCP connection employ internal clocks to mark TCP headers with a 'timestamp' value. When TCP PAWS is configured to employ timestamp values, this functionality exposes TCP PAWS implementations to a denial-of-service vulnerability. The issue manifests if an attacker transmits a sufficient TCP PAWS packet to a vulnerable computer. The attacker sets a large value as the packet timestamp. When the target computer processes this packet, the internal timer is updated to the large value that the attacker supplied. This causes all other valid packets that are received subsequent to an attack to be dropped, because they are deemed to be too old or invalid. This type of attack will effectively deny service for a target connection.

Affected Products

  • ALAXALA Networks AX5400S Null
  • ALAXALA Networks AX7800R Null
  • ALAXALA Networks AX7800S Null
  • Avaya CVLAN
  • Avaya Interactive Response 1.2.1
  • Avaya Interactive Response 1.3.0
  • Avaya Interactive Response
  • Avaya Intuity AUDIX
  • Avaya Intuity Audix R5
  • Blue Coat Systems CacheOS Null
  • Blue Coat Systems SGOS
  • Cisco Agent Desktop
  • Cisco AP1200
  • Cisco AP350
  • Cisco Call Manager 1.0.0
  • Cisco Call Manager 2.0.0
  • Cisco Call Manager 3.0.0
  • Cisco Call Manager 3.1.0
  • Cisco Call Manager 3.1.0 (2)
  • Cisco Call Manager 3.1.0 (3a)
  • Cisco Call Manager 3.2.0
  • Cisco Call Manager 3.3.0
  • Cisco Call Manager 3.3.0 (3)
  • Cisco Call Manager 4.0.0
  • Cisco Call Manager
  • Cisco CiscoWorks
  • Cisco CiscoWorks 1105 Hosting Solution Engine
  • Cisco CiscoWorks 1105 Wireless LAN Solution Engine
  • Cisco CiscoWorks Access Control List Manager 1.5.0
  • Cisco CiscoWorks Access Control List Manager 1.6.0
  • Cisco CiscoWorks CD1 1st Edition
  • Cisco CiscoWorks CD1 2nd Edition
  • Cisco CiscoWorks CD1 3rd Edition
  • Cisco CiscoWorks CD1 4th Edition
  • Cisco CiscoWorks CD1 5th Edition
  • Cisco CiscoWorks Common Management Foundation 2.0.0
  • Cisco CiscoWorks Common Management Foundation 2.1.0
  • Cisco CiscoWorks Common Management Foundation 2.2.0
  • Cisco CiscoWorks Common Services 2.2.0
  • Cisco CiscoWorks LMS 1.3.0
  • Cisco CiscoWorks VPN/Security Management Solution
  • Cisco CiscoWorks Windows
  • Cisco CiscoWorks Windows
  • Cisco CiscoWorks Windows/WUG
  • Cisco Conference Connection 1.1.0 (1)
  • Cisco Conference Connection 1.2.0
  • Cisco Conference Connection
  • Cisco CSS11000 Content Services Switch
  • Cisco CSS11050 Content Services Switch
  • Cisco CSS11150 Content Services Switch
  • Cisco CSS11500 Content Services Switch 7.10.0 (05.07)S
  • Cisco CSS11500 Content Services Switch 7.20.0 (03.09)S
  • Cisco CSS11500 Content Services Switch 7.20.0 (03.10)S
  • Cisco CSS11500 Content Services Switch 7.30.0 (00.08)S
  • Cisco CSS11500 Content Services Switch 7.30.0 (00.09)S
  • Cisco CSS11500 Content Services Switch
  • Cisco CSS11501 Content Services Switch
  • Cisco CSS11503 Content Services Switch
  • Cisco CSS11506 Content Services Switch
  • Cisco CSS11800 Content Services Switch
  • Cisco E-Mail Manager
  • Cisco Emergency Responder 1.1.0
  • Cisco Emergency Responder
  • Cisco Intelligent Contact Manager 5.0.0
  • Cisco Intelligent Contact Manager
  • Cisco Interactive Voice Response
  • Cisco IP Contact Center Enterprise
  • Cisco IP Contact Center Express
  • Cisco MeetingPlace
  • Cisco MGX
  • Cisco MGX 8230 1.2.10
  • Cisco MGX 8230 1.2.11
  • Cisco MGX 8250 1.2.10
  • Cisco MGX 8250 1.2.11
  • Cisco Personal Assistant 1.3.0 (1)
  • Cisco Personal Assistant 1.3.0 (2)
  • Cisco Personal Assistant 1.3.0 (3)
  • Cisco Personal Assistant 1.3.0 (4)
  • Cisco Personal Assistant 1.4.0 (1)
  • Cisco Personal Assistant 1.4.0 (2)
  • Cisco Personal Assistant
  • Cisco Remote Monitoring Suite Option
  • Cisco Secure Access Control Server 3.0.0
  • Cisco Secure Access Control Server 3.1.0
  • Cisco Secure Access Control Server 3.2.0
  • Cisco Secure Access Control Server 3.2.0 (1)
  • Cisco Secure Access Control Server 3.2.0 (1.20)
  • Cisco Secure Access Control Server 3.2.0 (2)
  • Cisco Secure Access Control Server 3.2.0 (3)
  • Cisco Secure Access Control Server 3.2.1
  • Cisco Secure Access Control Server 3.2.2
  • Cisco Secure Access Control Server 3.3.0
  • Cisco Secure Access Control Server 3.3.0 (1)
  • Cisco Secure Access Control Server 3.3.1
  • Cisco Secure Access Control Server 3.3.2
  • Cisco Secure Access Control Server
  • Cisco Secure ACS for Unix 2.0.0
  • Cisco Secure ACS for Unix 2.3.0
  • Cisco Secure ACS for Unix 2.3.5 .1
  • Cisco Secure ACS for Unix 2.3.6 .1
  • Cisco Secure ACS for Windows NT 2.1.0
  • Cisco Secure ACS for Windows NT 2.3.0
  • Cisco Secure ACS for Windows NT 2.4.0
  • Cisco Secure ACS for Windows NT 2.42.0
  • Cisco Secure ACS for Windows NT 2.5.0
  • Cisco Secure ACS for Windows NT 2.6.0
  • Cisco Secure ACS for Windows NT 2.6.2
  • Cisco Secure ACS for Windows NT 2.6.3
  • Cisco Secure ACS for Windows NT 2.6.4
  • Cisco Secure ACS for Windows NT 3.0.0
  • Cisco Secure ACS for Windows NT 3.0.0 .1
  • Cisco Secure ACS for Windows NT 3.0.3
  • Cisco Secure ACS for Windows NT 3.1.1
  • Cisco Secure ACS for Windows Server 3.2.0
  • Cisco Secure ACS Solution Engine 3.3.0
  • Cisco Secure ACS Solution Engine 3.3.1
  • Cisco Secure ACS Solution Engine 3.3.2
  • Cisco Secure ACS Solution Engine
  • Cisco SN5400 series storage routers
  • Cisco SN 5420 Storage Router 1.1.0 (2)
  • Cisco SN 5420 Storage Router 1.1.0 (3)
  • Cisco SN 5420 Storage Router 1.1.0 (4)
  • Cisco SN 5420 Storage Router 1.1.0 (5)
  • Cisco SN 5420 Storage Router 1.1.0 (7)
  • Cisco SN 5420 Storage Router 1.1.3
  • Cisco SN 5428 Storage Router SN5428-2-3.3.1-K9
  • Cisco SN 5428 Storage Router SN5428-2-3.3.2-K9
  • Cisco SN 5428 Storage Router SN5428-2.5.1-K9
  • Cisco SN 5428 Storage Router SN5428-3.2.1-K9
  • Cisco SN 5428 Storage Router SN5428-3.2.2-K9
  • Cisco SN 5428 Storage Router SN5428-3.3.1-K9
  • Cisco SN 5428 Storage Router SN5428-3.3.2-K9
  • Cisco Support Tools
  • Cisco Unity Server 2.0.0
  • Cisco Unity Server 2.1.0
  • Cisco Unity Server 2.2.0
  • Cisco Unity Server 2.3.0
  • Cisco Unity Server 2.4.0
  • Cisco Unity Server 2.46.0
  • Cisco Unity Server 3.0.0
  • Cisco Unity Server 3.1.0
  • Cisco Unity Server 3.2.0
  • Cisco Unity Server 3.3.0
  • Cisco Unity Server 4.0.0
  • Cisco Unity Server
  • Cisco Web Collaboration Option
  • F5 BigIP 4.0.0
  • F5 BigIP 4.2.0
  • F5 BigIP 4.3.0
  • F5 BigIP 4.4.0
  • F5 BigIP 4.5.0
  • F5 BigIP 4.5.10
  • F5 BigIP 4.5.11
  • F5 BigIP 4.5.12
  • F5 BigIP 4.5.6
  • F5 BigIP 4.5.9
  • F5 BigIP 4.6.0
  • F5 BigIP 4.6.2
  • F5 BigIP 9.0.0
  • F5 BigIP 9.0.1
  • F5 BigIP 9.0.2
  • F5 BigIP 9.0.3
  • F5 BigIP 9.0.4
  • F5 BigIP 9.0.5
  • FreeBSD 1.1.5 .1
  • FreeBSD 2.0.0
  • FreeBSD 2.0.5
  • FreeBSD 2.1.0
  • FreeBSD 2.1.0 X
  • FreeBSD 2.1.5
  • FreeBSD 2.1.6
  • FreeBSD 2.1.6 .1
  • FreeBSD 2.1.7 .1
  • FreeBSD 2.2.0
  • FreeBSD 2.2.0 X
  • FreeBSD 2.2.2
  • FreeBSD 2.2.3
  • FreeBSD 2.2.4
  • FreeBSD 2.2.5
  • FreeBSD 2.2.6
  • FreeBSD 2.2.8
  • FreeBSD 2.X
  • FreeBSD 3.0.0
  • FreeBSD 3.0.0 -RELENG
  • FreeBSD 3.1.0
  • FreeBSD 3.1.0 X
  • FreeBSD 3.2.0
  • FreeBSD 3.2.0 X
  • FreeBSD 3.3.0
  • FreeBSD 3.3.0 X
  • FreeBSD 3.4.0
  • FreeBSD 3.4.0 X
  • FreeBSD 3.5.0
  • FreeBSD 3.5.0 -STABLE
  • FreeBSD 3.5.0 -Stablepre050201
  • FreeBSD 3.5.0 -Stablepre122300
  • FreeBSD 3.5.0 X
  • FreeBSD 3.5.1
  • FreeBSD 3.5.1 -RELEASE
  • FreeBSD 3.5.1 -STABLE
  • FreeBSD 3.5.1 -Stablepre2001-07-20
  • FreeBSD 3.X
  • FreeBSD 4.0.0
  • FreeBSD 4.0.0 Alpha
  • FreeBSD 4.0.0 -RELENG
  • FreeBSD 4.0.0 .X
  • FreeBSD 4.1.0
  • FreeBSD 4.10.0
  • FreeBSD 4.10.0 -RELEASE
  • FreeBSD 4.10.0 -RELEASE-P8
  • FreeBSD 4.10.0 -RELENG
  • FreeBSD 4.10-PRERELEASE
  • FreeBSD 4.1.1
  • FreeBSD 4.11.0 -RELEASE-P3
  • FreeBSD 4.11.0 -RELENG
  • FreeBSD 4.11.0 -STABLE
  • FreeBSD 4.1.1 -RELEASE
  • FreeBSD 4.1.1 -STABLE
  • FreeBSD 4.2.0
  • FreeBSD 4.2.0 -RELEASE
  • FreeBSD 4.2.0 -STABLE
  • FreeBSD 4.2.0 -Stablepre050201
  • FreeBSD 4.2.0 -Stablepre122300
  • FreeBSD 4.3.0
  • FreeBSD 4.3.0 -RELEASE
  • FreeBSD 4.3.0 -RELEASE-P38
  • FreeBSD 4.3.0 -RELENG
  • FreeBSD 4.3.0 -STABLE
  • FreeBSD 4.4.0
  • FreeBSD 4.4.0 -RELEASE-P42
  • FreeBSD 4.4.0 -RELENG
  • FreeBSD 4.4.0 -STABLE
  • FreeBSD 4.5.0
  • FreeBSD 4.5.0 -RELEASE
  • FreeBSD 4.5.0 -RELEASE-P32
  • FreeBSD 4.5.0 -RELENG
  • FreeBSD 4.5.0 -STABLE
  • FreeBSD 4.5.0 -Stablepre2002-03-07
  • FreeBSD 4.6.0
  • FreeBSD 4.6.0 -RELEASE
  • FreeBSD 4.6.0 -RELEASE-P20
  • FreeBSD 4.6.0 -RELENG
  • FreeBSD 4.6.0 -STABLE
  • FreeBSD 4.6.2
  • FreeBSD 4.7.0
  • FreeBSD 4.7.0 -RELEASE
  • FreeBSD 4.7.0 -RELEASE-P17
  • FreeBSD 4.7.0 -RELENG
  • FreeBSD 4.7.0 -STABLE
  • FreeBSD 4.8.0
  • FreeBSD 4.8.0 -PRERELEASE
  • FreeBSD 4.8.0 -RELEASE-P7
  • FreeBSD 4.8.0 -RELENG
  • FreeBSD 4.9.0
  • FreeBSD 4.9.0 -PRERELEASE
  • FreeBSD 4.9.0 -RELENG
  • FreeBSD 5.0.0
  • FreeBSD 5.0.0 Alpha
  • FreeBSD 5.0.0 -RELEASE-P14
  • FreeBSD 5.0.0 -RELENG
  • FreeBSD 5.1.0
  • FreeBSD 5.1.0 -RELEASE
  • FreeBSD 5.1.0 -RELEASE/Alpha
  • FreeBSD 5.1.0 -RELEASE-P5
  • FreeBSD 5.1.0 -RELENG
  • FreeBSD 5.2.0
  • FreeBSD 5.2.0 -RELEASE
  • FreeBSD 5.2.0 -RELENG
  • FreeBSD 5.2.1 -RELEASE
  • FreeBSD 5.3.0
  • FreeBSD 5.3.0 -RELEASE
  • FreeBSD 5.3.0 -RELENG
  • FreeBSD 5.3.0 -STABLE
  • FreeBSD 5.4.0 -PRERELEASE
  • FreeBSD 5.4.0 -RELEASE
  • FreeBSD 5.4.0 -RELENG
  • FreeBSD -Current
  • Hitachi AlaxalA AX
  • Hitachi GR3000
  • Hitachi GR4000
  • Hitachi GS4000
  • IETF RFC 1323 : TCP Extensions for High Performance
  • Microsoft Windows 2000 Advanced Server SP1
  • Microsoft Windows 2000 Advanced Server SP2
  • Microsoft Windows 2000 Advanced Server SP3
  • Microsoft Windows 2000 Advanced Server SP4
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server SP1
  • Microsoft Windows 2000 Datacenter Server SP2
  • Microsoft Windows 2000 Datacenter Server SP3
  • Microsoft Windows 2000 Datacenter Server SP4
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows 2000 Professional SP1
  • Microsoft Windows 2000 Professional SP2
  • Microsoft Windows 2000 Professional SP3
  • Microsoft Windows 2000 Professional SP4
  • Microsoft Windows 2000 Professional
  • Microsoft Windows 2000 Server SP1
  • Microsoft Windows 2000 Server SP2
  • Microsoft Windows 2000 Server SP3
  • Microsoft Windows 2000 Server SP4
  • Microsoft Windows 2000 Server
  • Microsoft Windows Server 2003 Datacenter Edition
  • Microsoft Windows Server 2003 Datacenter Edition Itanium
  • Microsoft Windows Server 2003 Enterprise Edition
  • Microsoft Windows Server 2003 Enterprise Edition Itanium
  • Microsoft Windows Server 2003 Standard Edition
  • Microsoft Windows Server 2003 Standard x64 Edition
  • Microsoft Windows Server 2003 Web Edition
  • Microsoft Windows XP 64-bit Edition SP1
  • Microsoft Windows XP 64-bit Edition
  • Microsoft Windows XP 64-bit Edition Version 2003 SP1
  • Microsoft Windows XP 64-bit Edition Version 2003
  • Microsoft Windows XP Embedded SP1
  • Microsoft Windows XP Embedded
  • Microsoft Windows XP Home SP1
  • Microsoft Windows XP Home
  • Microsoft Windows XP Media Center Edition SP1
  • Microsoft Windows XP Media Center Edition
  • Microsoft Windows XP Professional SP1
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Tablet PC Edition SP1
  • Microsoft Windows XP Tablet PC Edition
  • Nortel Networks BCM 1000
  • Nortel Networks BCM 200
  • Nortel Networks BCM 400
  • Nortel Networks CallPilot 200I
  • Nortel Networks CallPilot 201I
  • Nortel Networks CallPilot 702T
  • Nortel Networks CallPilot 703T
  • Nortel Networks Communications Server 1000
  • Nortel Networks Contact Center
  • Nortel Networks Ethernet Routing Switch 1612
  • Nortel Networks Ethernet Routing Switch 1624
  • Nortel Networks Ethernet Routing Switch 1648
  • Nortel Networks Optical Metro 5000
  • Nortel Networks Optical Metro 5100
  • Nortel Networks Optical Metro 5200
  • Nortel Networks SRG 1.0.0
  • Nortel Networks Universal Signaling Point 5200
  • Nortel Networks Universal Signaling Point Compact/Lite
  • Nortel Networks WLAN Access Point 7220.0.0
  • Nortel Networks WLAN Access Point 7250.0.0
  • OpenBSD 3.0
  • OpenBSD 3.1
  • OpenBSD 3.2
  • OpenBSD 3.3
  • OpenBSD 3.4
  • OpenBSD 3.5
  • OpenBSD 3.6
  • SCO Open Server 6.0.0
  • SCO Unixware 7.1.3
  • SCO Unixware 7.1.4
  • Yamaha RT105
  • Yamaha RT250i
  • Yamaha RT300i
  • Yamaha RT57i
  • Yamaha RTV700
  • Yamaha RTX1000
  • Yamaha RTX1100
  • Yamaha RTX1500
  • Yamaha RTX2000

References

  • BugTraq: 13676
  • BugTraq: 16295
  • CVE: CVE-2005-0356

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out