|
| TC: | 11004 | |
| Description: | TCP chorusing is a situation where several TCP/IP stacks are loaded on one system, and share the same Ethernet card and the same IP address. When packets are received, redundant ACKnowledgments are generated. This favors Denial of Service attacks. | |
| TC Impact: | Attack |
| Vulnerability Publication: | February 06, 1999 | |
| Advisory Copyright: | Dan Kaminsky, DoxPara Research | |
| Summary: | A system with multiple TCP/IP stacks has been detected. Multiple TCP/IP stacks are rarely required and favor denial of service attacks. | |
| Risk: | Medium | |
| CVSS 2.0 metrics: | Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial | |
| CVSS 2.0 Base Score: | 5.0 |
| Vulnerability Impact: |
Denial of Service |
|---|
| Host Impact: | This attack may lead to a denial of service as a result of bandwidth saturation. | |
| Nature of Remediation: | Change the system configuration. |
| Step required to fix the reported vulnerability: | |
***** Solution type: Update Configuration ***** Remove all TCP/IP stacks but one. |
| References: | ||
| * NTBUGTRAQ: 19990206 New Windows 9x Bug: TCP Chorusing http://marc.theaimsgroup.com/?l=ntbugtraq&m=91849617221319&w=2 * BID: 225 http://www.securityfocus.com/bid/225 * XF: win-multiple-ip-dos(7542) http://xforce.iss.net/xforce/xfdb/7542 |
| CVE Link: |
CVE-1999-1201 |
 |
|---|
| Glossary: |
Denial of Service TCP TCP/IP Stack |
|---|