F5 Networks BIG-IP : Inadequate validation for TCP segments (SOL4743)
Medium Nessus Plugin ID 78204
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionMultiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old.
SolutionUpgrade to one of the non-vulnerable versions listed in the F5 Solution SOL4743.