Signature Detail
Short Name |
TCP:C2S:FLAGSERROR:DIRTY-SYN |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop Packet |
Category |
TCP |
Release Date |
2003/08/27 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
TCP: C2S Flags Error Additional Flags in SYN Packet
This protocol anomaly triggers when it detects a SYN packet with unexpected flags set. This can be a SYN-FIN or a SYN-RST packet attempting to hang the server.
Extended Description
Successful exploitation of this vulnerability could allow a remote attacker to deny service to a TCP server. The impact would depend on the implementation of the TCP.
References