Is the ProxySG or Advanced Secure Gateway vulnerable to CVE-2004-0230?
Last Updated September 26, 2018
You want to know if the ProxySG or Advanced Secure Gateway (ASG) appliances are vulnerable to CVE-2004-0230, "TCP Sequence Number Approximation Based Denial of Service".
The ProxySG appliance is hardened against this sort of attack. The appliance compares the incoming sequence number to the last ACK we sent and the next sequence number we expect to receive. If it is not equal to or is within 1 in either direction, we drop the packet. Thus, if the attacker is not snooping on the network, they would need to do the following:
Guess the connection 4-tuple
Guess an acceptable sequence number -- a 3 in 4 billion chance
The impact would be that the connection would be dropped if the attacker were able to figure out the correct 4-tuple and sequence number.
Imported Document ID: 000012012
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe