CVE-2016-1353 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2016-1353

CWE

https://cwe.mitre.org/data/definitions/399.html

The TCP implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.3(0), 3.3(1), 4.0(0), and 4.1(0) does not properly initiate new TCP sessions when a previous session is in a FIN wait state, which allows remote attackers to cause a denial of service (TCP outage) via vectors involving FIN packets, aka Bug ID CSCuy45136.

Affected Software

Name	Vendor	Start Version	End Version
Videoscape_distribution_suite_for_internet_streaming	Cisco	3.3.0 (including)	3.3.0 (including)
Videoscape_distribution_suite_for_internet_streaming	Cisco	3.3.1 (including)	3.3.1 (including)
Videoscape_distribution_suite_for_internet_streaming	Cisco	4.0.0 (including)	4.0.0 (including)
Videoscape_distribution_suite_for_internet_streaming	Cisco	4.1.0 (including)	4.1.0 (including)

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160226-vds-is
http://www.securitytracker.com/id/1035123