CVE-2005-3774 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2005-3774
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-3774

Description: Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/25077 http://xforce.iss.net/xforce/xfdb/25079 ST 1015256 SAID Secunia Advisory: SA17670 OSVDB 24140 FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038983.html http://lists.grok.org.uk/pipermail/full-disclosure/2005-November/038971.html CONFIRM http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080624a37.html CISCO http://www.cisco.com/warp/public/707/cisco-response-20051122-pix.shtml CERT-VN 853540 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/427041/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/426991/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/426989/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/417458/30/0/threaded BID 15525

Return to the previous page.