Thread-topic: Cisco PIX embryonic state machine 1b data DoS
> -----Original Message-----
> From: Randy Ivener (rivener) [mailto:rivener@xxxxxxxxx]
> Sent: Wednesday, March 08, 2006 12:54 AM
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Cc: mlists@xxxxxxxxxx
> Subject: RE: Cisco PIX embryonic state machine 1b data DoS
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Cisco Response
> ==============
>
> This is Cisco PSIRT's response to the statements made by Arhont Ltd.-
> Information Security in their messages:
> "Cisco PIX embryonic state machine 1b data DoS"
> and
> "Cisco PIX embryonic state machine TTL(n-1) DoS"
> both posted on March 7, 2006.
>
> Attached is a cleartext, PGP signed version of this same email.
>
> The original emails are available at:
> http://www.securityfocus.com/archive/1/426989/30/0/threaded
> and
> http://www.securityfocus.com/archive/1/426991/30/0/threaded
>
> These issues have the same root cause that was documented in Arhont
> Ltd.- Information Security's message:
> "[Full-disclosure] Cisco PIX TCP Connection Prevention",
> posted on November 22, 2005 at:
> http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html
>
> As detailed in our reply also dated November 22, 2005, this issue is
> being tracked by two Cisco Bug ID's:
>
>
> * CSCsc14915 -- PIX 6.3 Spoofed TCP SYN packets can block
> legitimate TCP connections
> This Bug ID tracks the issue for PIX software version 6.3 and
> older. This DDTS is resolved and available in PIX software
> version 6.3(5.106). There are workarounds available to mitigate
> the issue.
>
>
> * CSCsc16014 -- PIX 7.0 Spoofed TCP SYN packets can block
> legitimate TCP connections
> This Bug ID tracks the issue for PIX/ASA software version 7.0.
> This DDTS is resolved and available in PIX/ASA software versions
> 7.0(4.005) and 7.1(1). Additional mitigations and workarounds
> exist to limit or eliminate the issue.
>
>
> Our November 22, 2005 reply is available at:
> http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml
>
> We would like to thank Arhont Ltd.- Information Security for ensuring
> that these issues were previously addressed as well.
>
> We greatly appreciate the opportunity to work with researchers on
> security vulnerabilities, and welcome the opportunity to review and
> assist in product reports.
>
>
> Additional Information
> ======================
>
> There have been updates to the information available for these two
> Bug ID's since November 22, 2005. The updated Release Note Enclosures
> are available at:
>
>
> CSCsc14915 -- PIX 6.3 Spoofed TCP SYN packets can block legitimate
> TCP connections
>
> http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsc14915
> (registered customers only:
> http://tools.cisco.com/RPF/register/register.do)
>
>
> CSCsc16014 -- PIX 7.0 Spoofed TCP SYN packets can block legitimate
> TCP connections
>
> http://www.cisco.com/pcgi-bin/Support/Bugtool/onebug.pl?bugid=CSCsc16014
> (registered customers only:
> http://tools.cisco.com/RPF/register/register.do)
>
>
> Cisco Security Procedures
> =========================
>
> Complete information on reporting security vulnerabilities in Cisco
> products, obtaining assistance with security incidents, and
> registering to receive security information from Cisco, is available
> on Cisco's worldwide website at
> http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html
> This includes instructions for press inquiries regarding Cisco
> security notices. All Cisco security advisories are available at
> http://www.cisco.com/go/psirt
>
>
> Regards,
> Randy
>
> Randy Ivener
> Product Security Incident Response Team (PSIRT)
> Cisco Systems, Inc.
> rivener@xxxxxxxxx
> http://www.cisco.com/go/psirt
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.1
>
> iQA/AwUBRA4AxW4/EyDEWh8IEQIQqgCgrwslVgYEzO1A5Rj3d9/AWeXg7GsAoNzC
> +6AAI0jL5lAIkBM7Zb/RdTqM
> =BOJ5
> -----END PGP SIGNATURE-----
>