According to cisco :
The Cisco Secure PIX Firewall cannot distinguish between a forged TCP Reset
(RST) packet and a genuine TCP RST packet. Any TCP/IP connection established
through the Cisco Secure PIX Firewall can be terminated by a third party
from the untrusted network if the connection can be uniquely determined.
This vulnerability is independent of configuration. There is no workaround.
This vulnerability exists in all Cisco Secure PIX Firewall software releases
up to and including 4.2(5), 4.4(4), 5.0(3) and 5.1(1). The defect has been
assigned Cisco bug ID CSCdr11711.
This notice is posted at
http://www.cisco.com/warp/public/707/pixtcpreset-pub.shtml on Cisco's
Worldwide Web site.
Atif
___________________________________
UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html
FAQ, list archives, and subscription info: http://www.groupstudy.com
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
