TCP/IP ACK Packet Saturation Remote DoS (stream.c)

This script is Copyright (C) 2000-2016 Tenable Network Security, Inc.

Synopsis :

The remote host is vulnerable to a denial of service.

Description :

It seems it was possible to make the remote server crash using the
'stream' (or 'raped') attack.

An attacker may use this flaw to shut down this server, thus
preventing your network from working properly.

See also :

Solution :

Solution :

Contact your operating system vendor for a patch.

- If you use IP filter, then add these rules :

block in quick proto tcp from any to any head 100
pass in quick proto tcp from any to any flags S keep state group 100
pass in all

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 7.4
Public Exploit Available : true

Family: Denial of Service

Nessus Plugin ID: 10271 ()

Bugtraq ID: 549

CVE ID: CVE-1999-0770

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial