Raising awareness about vulnerabilities and possible mitigations
Our security research has lead to a number of vulnerability advisories, which have in turn resulted in a plethora of improvements in many popular implementations of the Internet protocols.
Here are some of the vulnerability advisories that have been published as a result of our work.
Security Asessment of the Internet Protocol
ICMP attacks against TCP
- UK's NISCC: NISCC Vulnerability Advisory ICMP - 532967 (Vulnerability Issues in ICMP packets with TCP payloads)
- US-CERT: TCP/IP implementations do not adequately validate ICMP error messages
- Cisco Systems: Crafted ICMP Messages Can Cause Denial of Service
- Microsoft Corp.: Microsoft Security Bulletin Summary for April 2005
- SCO Group: TCP Remote ICMP Denial Of Service Vulnerabilities