CVE - CVE-2013-5469

CVE-ID
CVE-2013-5469	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The TCP implementation in Cisco IOS does not properly implement the transitions from the ESTABLISHED state to the CLOSED state, which allows remote attackers to cause a denial of service (flood of ACK packets) via a crafted series of ACK and FIN packets, aka Bug ID CSCtz14399.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:62083 URL:http://www.securityfocus.com/bid/62083 CISCO:20130830 Cisco IOS Software TCP ACK Storm Vulnerability URL:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5469 OSVDB:96764 URL:~~http://osvdb.org/96764~~ (Obsolete source) SECTRACK:1028969 URL:http://www.securitytracker.com/id/1028969 XF:cisco-ios-cve20135469-dos(86794) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/86794
Assigning CNA
Cisco Systems, Inc.
Date Record Created
20130822	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20130822)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)