CVE Reference: CVE-2004-0230

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2004-0230

Description:
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/15886

SGI

SCO

SAID
  Secunia Advisory: SA11440
  Secunia Advisory: SA11458
  Secunia Advisory: SA22341

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:4791
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:2689
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5711
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:3508
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:270

OSVDB
  4030

NETBSD

MS
  http://www.microsoft.com/technet/security/Bulletin/MS06-064.mspx
  http://www.microsoft.com/technet/security/bulletin/ms05-019.mspx

MISC
  http://www.uniras.gov.uk/vuls/2004/236929/index.htm

HP
  http://www.securityfocus.com/archive/1/archive/1/449179/100/0/threaded
  http://marc.theaimsgroup.com/?l=bugtraq&m=108506952116653&w=2

CONFIRM
  http://www.juniper.net/support/alert.html
  http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

CISCO
  http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml

CERT-VN
  415294

CERT
  http://www.us-cert.gov/cas/techalerts/TA04-111A.html

BUGTRAQ
  http://marc.theaimsgroup.com/?l=bugtraq&m=108302060014745&w=2

BID
  10183


Return to the previous page.