A vulnerability in the Transmission Control Protocol (TCP)
specification (RFC793) has been discovered by an external researcher. The
successful exploitation enables an adversary to reset any established TCP
connection in a much shorter time than was previously discussed publicly.
Depending on the application, the connection may get automatically
re-established. In other cases, a user will have to repeat the action (for
example, open a new Telnet or SSH session). Depending upon the attacked
protocol, a successful attack may have additional consequences beyond
terminated connection which must be considered. This attack vector is only
applicable to the sessions which are terminating on a device (such as a router,
switch, or computer), and not to the sessions that are only passing through the
device (for example, transit traffic that is being routed by a router). In
addition, the attack vector does not directly compromise data integrity or
confidentiality.
All Cisco products which contain a TCP stack are susceptible to this
vulnerability.
This advisory is available at

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-nonios,
and it describes this vulnerability as it applies to Cisco products that do not
run Cisco IOS® software.
A companion advisory that describes this vulnerability for products
that run Cisco IOS software is available at
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20040420-tcp-ios.

Leave a Reply