[Original text] The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by sending ACK messages for packets that have not yet been received (optimistic ACKs), which can cause the sender to increase its transmission rate until it fills available bandwidth.
Rob Sherwood of the University of Maryland reported this issue, and researched its associated exploitation methods. Stefan Savage, Neal Cardwell, David Wetherall, and Tom Anderson published information on the underlying protocol issue.
IETF RFC 793: TCP
Multiple vendors are susceptible to a remote TCP acknowledgement denial of service vulnerability.
This issue presents itself when the remote peer forges acknowledgment packets prior to actually receiving packets from the sending host. As soon as the server receives an acknowledgment for a packet that has been sent, it assumes that the client has received it. These acknowledgment packets influence the server's congestion control mechanism.
This vulnerability allows remote attackers to consume excessive network resources, denying network service to legitimate users.
This issue exists in the TCP protocol specification as defined by RFC 793. However, it is likely that a number of specific vendor implementations will also be affected. This BID will be updated as individual implementations of the protocol are reported to be affected.
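The behaviour described above can be checked from the sender's side. The following is an added example, not code from this advisory or from any vendor: a timing heuristic that flags an ACK covering a segment sent less than one round-trip time earlier, or covering bytes never sent. The names `AckMonitor`, `scan` and `min_rtt`, and the trace itself, are assumptions made for illustration, and sequence-number wraparound is ignored.

```python
from dataclasses import dataclass, field

@dataclass
class AckMonitor:
    """Sender-side check: did this ACK arrive before the data could have?"""
    min_rtt: float                  # assumed RTT floor in seconds (e.g. from the handshake)
    snd_una: int = 0                # oldest unacknowledged sequence number
    snd_nxt: int = 0                # next sequence number to be sent
    sent: dict = field(default_factory=dict)  # segment end seq -> first send time

    def on_send(self, seq, length, now):
        end = seq + length
        self.sent.setdefault(end, now)   # keep first send time so retransmits are not flagged
        self.snd_nxt = max(self.snd_nxt, end)

    def on_ack(self, ack, now):
        if ack > self.snd_nxt:
            return "unsent"              # acknowledges bytes never transmitted
        if ack <= self.snd_una:
            return "ok"                  # duplicate or stale ACK
        covered = [end for end in self.sent if self.snd_una < end <= ack]
        verdict = "ok"
        # The newest fully covered segment cannot be acknowledged in under one RTT.
        if covered and now - self.sent[max(covered)] < self.min_rtt:
            verdict = "optimistic"
        for end in covered:
            del self.sent[end]
        self.snd_una = ack
        return verdict

def scan(trace, min_rtt):
    """Return (time, ack, verdict) for every suspicious ACK in the trace."""
    mon, flagged = AckMonitor(min_rtt), []
    for event in trace:
        if event[0] == "send":
            mon.on_send(event[2], event[3], event[1])
        else:
            verdict = mon.on_ack(event[2], event[1])
            if verdict != "ok":
                flagged.append((event[1], event[2], verdict))
    return flagged

# Constructed trace: ("send", time, seq, length) or ("ack", time, ackno)
TRACE = [
    ("send", 0.000, 0, 1000), ("send", 0.001, 1000, 1000),
    ("ack", 0.050, 1000), ("ack", 0.051, 2000),
    ("send", 0.052, 2000, 1000), ("send", 0.053, 3000, 1000),
    ("ack", 0.055, 4000),
    ("send", 0.056, 4000, 1000), ("ack", 0.057, 9000),
]
```

Calling `scan(TRACE, min_rtt=0.040)` flags the ACK at 0.055 s, which covers a segment sent 2 ms earlier, and the ACK at 0.057 s, which covers bytes that were never sent.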
Currently we are not aware of any exploits for this issue.
Currently we are not aware of any vendor-supplied patches for this issue.