Info

Disclosure

Mar 30, 2005

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered when TCP segments with invalid SACK options are received, and will result in loss of availability for the platform.

Classification

Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Unknown
Disclosure: OSVDB Verified

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, OpenBSD has released a patch to address this vulnerability.

Products

OpenBSD	OpenBSD	3.5
		3.6

References

Security Tracker: 1013611
Bugtraq ID: 12951
CVE ID: 2005-0960 (see also: NVD)
Vendor URL: http://www.openbsd.org/
Vendor Specific Advisory URL: http://www.openbsd.org/errata.html
http://www.openbsd.org/errata35.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/36218