ID CVE-2004-0791
Summary Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:9.0:-:sparc
    cpe:2.3:o:sun:solaris:9.0:-:sparc
  • cpe:2.3:o:sun:solaris:10.0:-:sparc
    cpe:2.3:o:sun:solaris:10.0:-:sparc
  • Sun Microsystems Solaris 7
    cpe:2.3:o:sun:sunos:5.7
  • Sun SunOS (Solaris 8) 5.8
    cpe:2.3:o:sun:sunos:5.8
CVSS
Base: 5.0 (as of 15-06-2005 - 12:44)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
description Multiple Vendor ICMP Implementation Spoofed Source Quench Packet DoS. CVE-2004-0791. Dos exploits for multiple platform
id EDB-ID:25387
last seen 2016-02-03
modified 2005-04-12
published 2005-04-12
reporter Fernando Gont
source https://www.exploit-db.com/download/25387/
title Multiple Vendor ICMP Implementation Spoofed Source Quench Packet DoS
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-043.NASL
    description Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 3 are now available. The Linux kernel handles the basic functions of the operating system. This advisory includes fixes for several security issues : iSEC Security Research discovered a VMA handling flaw in the uselib(2) system call of the Linux kernel. A local user could make use of this flaw to gain elevated (root) privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1235 to this issue. A flaw was discovered where an executable could cause a VMA overlap leading to a crash. A local user could trigger this flaw by creating a carefully crafted a.out binary on 32-bit systems or a carefully crafted ELF binary on Itanium systems. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0003 to this issue. iSEC Security Research discovered a flaw in the page fault handler code that could lead to local users gaining elevated (root) privileges on multiprocessor machines. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0001 to this issue. A patch that coincidentally fixed this issue was committed to the Update 4 kernel release in December 2004. Therefore Red Hat Enterprise Linux 3 kernels provided by RHBA-2004:550 and subsequent updates are not vulnerable to this issue. A flaw in the system call filtering code in the audit subsystem included in Red Hat Enterprise Linux 3 allowed a local user to cause a crash when auditing was enabled. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1237 to this issue. Olaf Kirch discovered that the recent security fixes for cmsg_len handling (CVE-2004-1016) broke 32-bit compatibility on 64-bit platforms such as AMD64 and Intel EM64T. A patch to correct this issue is included. A recent Internet Draft by Fernando Gont recommended that ICMP Source Quench messages be ignored by hosts. A patch to ignore these messages is included. Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed. All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 16211
    published 2005-01-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16211
    title RHEL 3 : kernel (RHSA-2005:043)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2005-016.NASL
    description Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 2.1 are now available. The Linux kernel handles the basic functions of the operating system. This advisory includes fixes for the following security issues : iSEC Security Research discovered a VMA handling flaw in the uselib(2) system call of the Linux kernel. A local user could make use of this flaw to gain elevated (root) privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1235 to this issue. iSEC Security Research discovered a flaw in the page fault handler code that could lead to local users gaining elevated (root) privileges on multiprocessor machines. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-0001 to this issue. iSEC Security Research and Georgi Guninski independently discovered a flaw in the scm_send function in the auxiliary message layer. A local user could create a carefully crafted auxiliary message which could cause a denial of service (system hang). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1016 to this issue. Kirill Korotaev found a flaw in load_elf_binary affecting kernels prior to 2.4.26. A local user could create a carefully crafted binary in such a way that it would cause a denial of service (system crash). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-1234 to this issue. These packages also fix issues in the io_edgeport driver (CVE-2004-1017), a memory leak in ip_options_get (CVE-2004-1335), and missing VM_IO flags in some drivers (CVE-2004-1057). A recent Internet Draft by Fernando Gont recommended that ICMP Source Quench messages be ignored by hosts. A patch to ignore these messages is included. All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 16244
    published 2005-01-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16244
    title RHEL 2.1 : kernel (RHSA-2005:016)
  • NASL family CISCO
    NASL id CISCO-SA-20050412-ICMP.NASL
    description A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt ). These attacks, which only affect sessions terminating or originating on a device itself, can be of three types: Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type. Multiple Cisco products are affected by the attacks described in this Internet draft. Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 48985
    published 2010-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48985
    title Crafted ICMP Messages Can Cause Denial of Service - Cisco Systems
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_33395.NASL
    description s700_800 11.00 cumulative ARPA Transport patch : A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 19363
    published 2005-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19363
    title HP-UX PHNE_33395 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_26125.NASL
    description s700_800 11.00 ndd(1M) cumulative patch : A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 18399
    published 2005-05-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18399
    title HP-UX PHNE_26125 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_118844.NASL
    description SunOS 5.10_x86: kernel Patch. Date this patch was last updated by Sun : Oct/28/05 This plugin has been deprecated and either replaced with individual 118844 patch-revision plugins, or deemed non-security related.
    last seen 2019-02-21
    modified 2018-07-30
    plugin id 19370
    published 2005-08-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19370
    title Solaris 10 (x86) : 118844-20 (deprecated)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_25644.NASL
    description s700_800 11.11 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - An HP-UX 11.11 machine with TRANSPORT patches PHNE_24211, PHNE_24506, PHNE_25134, or PHNE_25642 may be exposed to a denial of service through the malicious use of the 'ndd' command. (HPSBUX00192 SSRT071390) - TCP Initial Sequence Number (ISN) randomization specified in RFC 1948 is available for HP-UX. References: CVE-2001-0328, CERT CA-2001-09. (HPSBUX00205 SSRT080009)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 16508
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16508
    title HP-UX PHNE_25644 : s700_800 11.11 cumulative ARPA Transport patch
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_33427.NASL
    description s700_800 11.04 (VVOS) cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - A potential security vulnerability has been identified with HP-UX running TCP/IP. The potential vulnerability could be exploited remotely to cause a Denial of Service (DoS). (HPSBUX02087 SSRT4728)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 19486
    published 2005-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19486
    title HP-UX PHNE_33427 : s700_800 11.04 (VVOS) cumulative ARPA Transport patch
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_118822.NASL
    description SunOS 5.10: kernel Patch. Date this patch was last updated by Sun : Feb/23/06
    last seen 2018-09-02
    modified 2018-08-13
    plugin id 19367
    published 2005-08-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19367
    title Solaris 10 (sparc) : 118822-30
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS7_X86_106542.NASL
    description SunOS 5.7_x86: Kernel Update Patch. Date this patch was last updated by Sun : Nov/27/06
    last seen 2016-09-26
    modified 2011-10-24
    plugin id 13193
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13193
    title Solaris 7 (x86) : 106542-43
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL23440942.NASL
    description The vulnerability described in this article was initially fixed in earlier versions, but a regression was reintroduced in BIG-IP 12.x through13.x. For information about earlier versions, refer toK4583: Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790(9.x - 10.x). Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the 'blind connection-reset attack.' NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. (CVE-2004-0790)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 100000
    published 2017-05-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100000
    title F5 Networks BIG-IP : Insufficient validation of ICMP error messages (K23440942)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_33159.NASL
    description s700_800 11.11 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP (IPv4). This vulnerability could be remotely exploited to cause a Denial of Service (DoS). (HPSBUX01137 SSRT5954) - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 18608
    published 2005-07-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18608
    title HP-UX PHNE_33159 : s700_800 11.11 cumulative ARPA Transport patch
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_118305.NASL
    description SunOS 5.9: tcp Patch. Date this patch was last updated by Sun : Jul/09/07
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 18075
    published 2005-04-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18075
    title Solaris 9 (sparc) : 118305-10
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL4583.NASL
    description The remote BIG-IP device is missing a patch required by a security advisory.
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 86016
    published 2015-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86016
    title F5 Networks BIG-IP : Insufficient validation of ICMP error messages (SOL4583)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_117470.NASL
    description SunOS 5.9_x86: tcp Patch. Date this patch was last updated by Sun : Jul/09/07
    last seen 2016-09-26
    modified 2011-09-18
    plugin id 18079
    published 2005-04-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18079
    title Solaris 9 (x86) : 117470-09
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS7_106541.NASL
    description SunOS 5.7: Kernel Update Patch. Date this patch was last updated by Sun : Dec/06/06
    last seen 2016-09-26
    modified 2011-10-24
    plugin id 13086
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13086
    title Solaris 7 (sparc) : 106541-44
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_26076.NASL
    description s700_800 11.04 (VVOS) ndd(1M) cumulative patch : A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 18398
    published 2005-05-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18398
    title HP-UX PHNE_26076 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_32606.NASL
    description s700_800 11.23 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - A potential security vulnerability has been identified with HP-UX running TCP/IP (IPv4). This vulnerability could be remotely exploited to cause a Denial of Service (DoS). (HPSBUX01137 SSRT5954)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 19362
    published 2005-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19362
    title HP-UX PHNE_32606 : s700_800 11.23 cumulative ARPA Transport patch
oval via4
  • accepted 2013-04-29T04:03:45.256-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:10228
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    version 23
  • accepted 2011-05-09T04:00:04.824-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Nabil Ouchn
      organization Security-Database
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:1112
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.04 ICMP Source Quench Attack Vulnerability
    version 36
  • accepted 2014-03-24T04:00:40.393-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:184
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.11 ICMP Source Quench Attack Vulnerability
    version 39
  • accepted 2011-05-09T04:01:34.130-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Nabil Ouchn
      organization Security-Database
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Pai Peng
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:464
    status accepted
    submitted 2006-09-22T05:52:00.000-04:00
    title Solaris 8, 9, 10 ICMP Source Quench Attack Vulnerability
    version 36
  • accepted 2014-03-24T04:01:49.234-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:596
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.11 or 11.23 ICMP Source Quench Attack Vulnerability
    version 39
  • accepted 2014-03-10T04:00:51.815-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:688
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.23 ICMP Source Quench Attack Vulnerability
    version 40
  • accepted 2011-05-09T04:01:45.820-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:726
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.00 ICMP Source Quench Attack Vulnerability
    version 36
redhat via4
advisories
  • rhsa
    id RHSA-2005:016
  • rhsa
    id RHSA-2005:017
  • rhsa
    id RHSA-2005:043
refmap via4
bid 13124
fedora
  • FLSA:157459-1
  • FLSA:157459-2
hp
  • HPSBTU01210
  • HPSBUX01164
  • SSRT4743
  • SSRT4884
misc
sco SCOSA-2006.4
secunia 18317
sreason
sunalert
  • 101658
  • 57746
Last major update 17-10-2016 - 22:49
Published 12-04-2005 - 00:00
Last modified 30-10-2018 - 12:26
Back to Top