Full Article at OSVDB

The TCP stack implementation of numerous vendors contains a flaw that may allow a remote denial of service. The issue is triggered when spoofed TCP Reset packets are received by the targeted TCP stack, and will result in loss of availability for the the attacked TCP services.


Vulnerability Classification:
Remote/Network Access Required
Local/Shell Access Required
Denial Of Service Attack
Hijacking Attack
Infrastructure Attack
Loss Of Availability
Exploit Available
Verified


Products:
Cisco IOS All Versions

Microsoft Windows All Versions

Linux Linux All Versions

Nokia IPSO All Versions

Hewlett-Packard HP-UX All Versions

Juniper Router All Versions

Check Point FireWall-1 Prior to R55 HFA-03

Cray Unicos All Versions

Internet Security Systems Proventia M Series 1.5