CVE-2008-4609

Impact:
Moderate
Public Date:
2009-09-08
Bugzilla:
465932: CVE-2008-4609 kernel: TCP protocol vulnerabilities from Outpost24

The MITRE CVE dictionary describes this issue as:

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.

Find out more about CVE-2008-4609 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

The attacks reported by Outpost24 AB target the design limitations of the TCP protocol. Due to upstreams decision not to release updates, Red Hat do not plan to release updates to resolve these issues however, the effects of these attacks can be reduced via the mitigation methods as written in http://kbase.redhat.com/faq/docs/DOC-18730.

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact Red Hat Product Security.

Last Modified

CVE description copyright © 2017, The MITRE Corporation

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.