Signature Detail

Short Name	TCP:OPTERR:TOO-LONG
Severity	Critical
Recommended	No
Recommended Action	Drop Packet
Category	TCP
Release Date	2003/04/22
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

TCP: Options Error Option Too Long

This protocol anomaly triggers when it detects an option that specifies a length longer than the length of the entire options buffer. Because this can indicate a buffer overflow or another exploit attempt, it is recommended to drop these packets.

Extended Description

The presence of malformed TCP option headers in network traffic could indicate a network configuration error or that a malicious party is attempting to conduct a denial of service or other attack.

References

URL: http://www.cultdeadcow.com/cDc_files/cDc-351/page2.html
URL: http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci549024,00.html
URL: http://www.linuxjournal.com/article.php?sid=6701

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Release Date

Update Number

Supported Platforms

TCP: Options Error Option Too Long

Extended Description

References