CVE-2008-4609 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4609): The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress.
In my opinion those are unfixable design bugs...people have to firewall their stuff as good as possible and need to check out daemon-, queuelimits etc.
Resolved as 'wontfix' due to sparse information. ((In reply to comment #1) > In my opinion those are unfixable design bugs... Moreover no specific commits or patches are provided.