Description
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.
Related CPE's
o
juniper
junos
o
microsoft
windows_2000
o
microsoft
windows_server_2003
o
microsoft
windows_xp
o
oracle
solaris
a
mcafee
network_data_loss_prevention
o
netbsd
netbsd
o
xinuos
openserver
o
xinuos
unixware
References
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt
ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc
http://kb.juniper.net/JSA10638
http://secunia.com/advisories/11440
http://secunia.com/advisories/11458
http://secunia.com/advisories/22341
http://www.kb.cert.org/vuls/id/415294
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.securityfocus.com/bid/10183
http://www.us-cert.gov/cas/techalerts/TA04-111A.html
http://www.vupen.com/english/advisories/2006/3983
https://exchange.xforce.ibmcloud.com/vulnerabilities/15886
https://kc.mcafee.com/corporate/index?page=content&id=SB10053
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt
ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc
http://kb.juniper.net/JSA10638
http://secunia.com/advisories/11440
http://secunia.com/advisories/11458
http://secunia.com/advisories/22341
http://www.kb.cert.org/vuls/id/415294
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.securityfocus.com/bid/10183
http://www.us-cert.gov/cas/techalerts/TA04-111A.html
http://www.vupen.com/english/advisories/2006/3983
https://exchange.xforce.ibmcloud.com/vulnerabilities/15886
https://kc.mcafee.com/corporate/index?page=content&id=SB10053
CVSS impact metrics
AV:N/AC:L/Au:N/C:N/I:N/A:P
5 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2004-08-18T04:00:00.000
20 years agoLast modified
2025-05-02T16:40:41.530
2 months ago