PT-2008-5824 · Linux+3 · Linux+6

Jack C. Louis · Published 2008-10-20 · Updated 2026-03-14 · CVE-2008-4609

CVSS v2.0: 7.1 (High)

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux (affected versions not specified)
Microsoft Windows (affected versions not specified)
Cisco products (affected versions not specified)

Description

A denial of service issue exists due to the way TCP connections are handled, allowing remote attackers to cause connection queue exhaustion via multiple vectors that manipulate information in the TCP state table. This can be achieved by flooding a system with specially crafted packets, causing the affected system to stop responding to new requests or automatically restart. The effect of this issue can be amplified by the requirement to process packets with a TCP receive window size set to a very small value or zero. An attacker must be able to complete a TCP three-way handshake with a vulnerable system to exploit this issue.

Recommendations

For Linux, at the moment, there is no information about a newer version that contains a fix for this issue.

For Microsoft Windows, at the moment, there is no information about a newer version that contains a fix for this issue.

For Cisco products, Cisco has released free software updates for download from the Cisco website that address these issues. Workarounds that mitigate these issues are available.

Exploit

Fix

DoS


Weakness Enumeration

Related Identifiers

AZL-6513
CVE-2008-4609
ECHO-6EB9-5518-7E24

Affected Products

Cisco ASA
Cisco IOS
Cisco IOS XE
Cisco Products
Debian
Linux
Windows