Zq-Star

**Name of the Vulnerable Software and Affected Versions** Nanda Automation Technology AT NA2000 (affected versions not specified) **Description** The AT NA2000 Programmable Logic Controller (PLC) exhibits a denial-of-service condition. The device improperly handles TCP RST packets, accepting a broad range of sequence numbers instead of requiring an exact match to the expected sequence value, which is a deviation from RFC5961 standards. This allows attackers to disrupt established connections by sending numerous random TCP RST packets within the acceptable sequence number range, leading to a denial-of-service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Openindiana, kernel SunOS 5.11 **Description** The software exhibits a denial of service condition due to improper handling of TCP packets. Specifically, when processing TCP packets with the RST or SYN flag set, the system accepts a wide range of sequence numbers, deviating from RFC5961 standards. This allows attackers to disrupt established connections by sending multiple random TCP RST/SYN packets that fall within the acceptable sequence number range, leading to a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.