Description

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

Related CPE's

o

juniper

junos

55

o

microsoft

windows_2000

2

o

microsoft

windows_98

-

Vulnerable

o

microsoft

windows_98se

-

Vulnerable

o

microsoft

windows_server_2003

4

o

microsoft

windows_xp

4

o

oracle

solaris

2

a

openpgp

openpgp

2.6.2

Vulnerable

a

mcafee

network_data_loss_prevention

4

o

netbsd

netbsd

8

o

xinuos

openserver

2

o

xinuos

unixware

2

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc

Third Party AdvisoryBroken Link

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt

Third Party AdvisoryBroken Link

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt

Third Party AdvisoryBroken Link

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt

Third Party AdvisoryBroken Link

ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc

Third Party AdvisoryBroken Link

http://kb.juniper.net/JSA10638

Third Party Advisory

http://marc.info/?l=bugtraq&m=108302060014745&w=2

Mailing List

http://marc.info/?l=bugtraq&m=108506952116653&w=2

Mailing List

http://secunia.com/advisories/11440

Permissions RequiredThird Party AdvisoryVDB EntryBroken Link

http://secunia.com/advisories/11458

Permissions RequiredThird Party AdvisoryVDB EntryBroken Link

http://secunia.com/advisories/22341

Permissions RequiredThird Party AdvisoryVDB EntryBroken Link

http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml

Broken Link

http://www.kb.cert.org/vuls/id/415294

Third Party AdvisoryUS Government Resource

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

PatchThird Party Advisory

http://www.osvdb.org/4030

Broken Link

http://www.securityfocus.com/archive/1/449179/100/0/threaded

Broken Link

http://www.securityfocus.com/archive/1/449179/100/0/threaded

Broken Link

http://www.securityfocus.com/bid/10183

ExploitThird Party AdvisoryVDB Entry

http://www.uniras.gov.uk/vuls/2004/236929/index.htm

Broken Link

http://www.us-cert.gov/cas/techalerts/TA04-111A.html

Third Party AdvisoryUS Government Resource

http://www.vupen.com/english/advisories/2006/3983

Permissions RequiredBroken Link

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019

Third Party Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15886

Third Party Advisory

https://kc.mcafee.com/corporate/index?page=content&id=SB10053

PatchThird Party AdvisoryBroken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711

Broken Link

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc

Third Party AdvisoryBroken Link

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt

Third Party AdvisoryBroken Link

ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt

Third Party AdvisoryBroken Link

ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt

Third Party AdvisoryBroken Link

ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc

Third Party AdvisoryBroken Link

http://kb.juniper.net/JSA10638

Third Party Advisory

http://marc.info/?l=bugtraq&m=108302060014745&w=2

Mailing List

http://marc.info/?l=bugtraq&m=108506952116653&w=2

Mailing List

http://secunia.com/advisories/11440

Permissions RequiredThird Party AdvisoryVDB EntryBroken Link

http://secunia.com/advisories/11458

Permissions RequiredThird Party AdvisoryVDB EntryBroken Link

http://secunia.com/advisories/22341

Permissions RequiredThird Party AdvisoryVDB EntryBroken Link

http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml

Broken Link

http://www.kb.cert.org/vuls/id/415294

Third Party AdvisoryUS Government Resource

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

PatchThird Party Advisory

http://www.osvdb.org/4030

Broken Link

http://www.securityfocus.com/archive/1/449179/100/0/threaded

Broken Link

http://www.securityfocus.com/archive/1/449179/100/0/threaded

Broken Link

http://www.securityfocus.com/bid/10183

ExploitThird Party AdvisoryVDB Entry

http://www.uniras.gov.uk/vuls/2004/236929/index.htm

Broken Link

http://www.us-cert.gov/cas/techalerts/TA04-111A.html

Third Party AdvisoryUS Government Resource

http://www.vupen.com/english/advisories/2006/3983

Permissions RequiredBroken Link

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019

Third Party Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064

Third Party Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/15886

Third Party Advisory

https://kc.mcafee.com/corporate/index?page=content&id=SB10053

PatchThird Party AdvisoryBroken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791

Broken Link

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711

Broken Link

Weaknesses

[email protected]

Primary
NVD-CWE-Other

CVSS impact metrics

AV:N/AC:L/Au:N/C:N/I:N/A:P

5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2004-08-18T04:00:00.000

20 years ago

Last modified

2025-05-02T16:40:41.530

2 months ago