ID CVE-2004-1060
Summary Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
References
Vulnerable Configurations
  • cpe:2.3:a:icmp:icmp
    cpe:2.3:a:icmp:icmp
  • cpe:2.3:a:tcp:tcp
    cpe:2.3:a:tcp:tcp
CVSS
Base: 5.0 (as of 17-06-2005 - 15:35)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
exploit-db via4
  • description Multiple Vendor ICMP Implementation Malformed Path MTU DoS. CVE-2004-1060 . Dos exploits for multiple platform
    id EDB-ID:25388
    last seen 2016-02-03
    modified 2005-04-12
    published 2005-04-12
    reporter Fernando Gont
    source https://www.exploit-db.com/download/25388/
    title Multiple Vendor ICMP Implementation Malformed Path MTU DoS
  • description MS Windows Malformed IP Options DoS Exploit (MS05-019). CVE-2004-0230,CVE-2004-0790,CVE-2004-1060,CVE-2005-0048,CVE-2005-0688. Dos exploit for windows platform
    id EDB-ID:942
    last seen 2016-01-31
    modified 2005-04-17
    published 2005-04-17
    reporter Yuri Gushin
    source https://www.exploit-db.com/download/942/
    title Microsoft Windows - Malformed IP Options DoS Exploit MS05-019
nessus via4
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL15792.NASL
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ('Fragmentation Needed and Don't Fragment was Set') packets with a low next-hop MTU value, aka the 'Path MTU discovery attack.' (CVE-2004-1060)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 84451
    published 2015-06-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=84451
    title F5 Networks BIG-IP : Path MTU discovery vulnerability (K15792)
  • NASL family Windows
    NASL id SMB_KB893066.NASL
    description The remote host runs a version of Windows that has a flaw in its TCP/IP stack. The flaw may allow an attacker to execute arbitrary code with SYSTEM privileges on the remote host or to perform a denial of service attack against the remote host. Proof of concept code is available to perform a denial of service attack against a vulnerable system.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 18028
    published 2005-04-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18028
    title MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066) (uncredentialed check)
  • NASL family CISCO
    NASL id CISCO-SA-20050412-ICMP.NASL
    description A document that describes how the Internet Control Message Protocol (ICMP) could be used to perform a number of Denial of Service (DoS) attacks against the Transmission Control Protocol (TCP) has been made publicly available. This document has been published through the Internet Engineering Task Force (IETF) Internet Draft process, and is entitled "ICMP Attacks Against TCP" (draft-gont-tcpm-icmp-attacks-03.txt ). These attacks, which only affect sessions terminating or originating on a device itself, can be of three types: Successful attacks may cause connection resets or reduction of throughput in existing connections, depending on the attack type. Multiple Cisco products are affected by the attacks described in this Internet draft. Cisco has made free software available to address these vulnerabilities. In some cases there are workarounds available to mitigate the effects of the vulnerability.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 48985
    published 2010-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48985
    title Crafted ICMP Messages Can Cause Denial of Service - Cisco Systems
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_33395.NASL
    description s700_800 11.00 cumulative ARPA Transport patch : A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 19363
    published 2005-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19363
    title HP-UX PHNE_33395 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_26125.NASL
    description s700_800 11.00 ndd(1M) cumulative patch : A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 18399
    published 2005-05-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18399
    title HP-UX PHNE_26125 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_25644.NASL
    description s700_800 11.11 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - An HP-UX 11.11 machine with TRANSPORT patches PHNE_24211, PHNE_24506, PHNE_25134, or PHNE_25642 may be exposed to a denial of service through the malicious use of the 'ndd' command. (HPSBUX00192 SSRT071390) - TCP Initial Sequence Number (ISN) randomization specified in RFC 1948 is available for HP-UX. References: CVE-2001-0328, CERT CA-2001-09. (HPSBUX00205 SSRT080009)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 16508
    published 2005-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=16508
    title HP-UX PHNE_25644 : s700_800 11.11 cumulative ARPA Transport patch
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_33427.NASL
    description s700_800 11.04 (VVOS) cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - A potential security vulnerability has been identified with HP-UX running TCP/IP. The potential vulnerability could be exploited remotely to cause a Denial of Service (DoS). (HPSBUX02087 SSRT4728)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 19486
    published 2005-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19486
    title HP-UX PHNE_33427 : s700_800 11.04 (VVOS) cumulative ARPA Transport patch
  • NASL family Windows : Microsoft Bulletins
    NASL id SMB_NT_MS05-019.NASL
    description The remote host runs a version of Windows that has a flaw in its TCP/IP stack. The flaw could allow an attacker to execute arbitrary code with SYSTEM privileges on the remote host, or to perform a denial of service attack against the remote host. Proof of concept code is available to perform a Denial of Service against a vulnerable system.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 18023
    published 2005-04-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18023
    title MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution (893066)
  • NASL family F5 Networks Local Security Checks
    NASL id F5_BIGIP_SOL23440942.NASL
    description The vulnerability described in this article was initially fixed in earlier versions, but a regression was reintroduced in BIG-IP 12.x through13.x. For information about earlier versions, refer toK4583: Insufficient validation of ICMP error messages - VU#222750 / CVE-2004-0790(9.x - 10.x). Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the 'blind connection-reset attack.' NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities. (CVE-2004-0790)
    last seen 2019-02-21
    modified 2019-01-04
    plugin id 100000
    published 2017-05-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100000
    title F5 Networks BIG-IP : Insufficient validation of ICMP error messages (K23440942)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_33159.NASL
    description s700_800 11.11 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP (IPv4). This vulnerability could be remotely exploited to cause a Denial of Service (DoS). (HPSBUX01137 SSRT5954) - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 18608
    published 2005-07-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18608
    title HP-UX PHNE_33159 : s700_800 11.11 cumulative ARPA Transport patch
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_26076.NASL
    description s700_800 11.04 (VVOS) ndd(1M) cumulative patch : A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060.
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 18398
    published 2005-05-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=18398
    title HP-UX PHNE_26076 : HP-UX TCP/IP Remote Denial of Service (DoS) (HPSBUX01164 SSRT4884 rev.9)
  • NASL family HP-UX Local Security Checks
    NASL id HPUX_PHNE_32606.NASL
    description s700_800 11.23 cumulative ARPA Transport patch : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with HP-UX running TCP/IP. This vulnerability could be remotely exploited by an unauthorized user to cause a Denial of Service(DoS). References: NISCC VU#532967, CAN-2004-0790, CAN-2004-0791, CAN-2004-1060. (HPSBUX01164 SSRT4884) - A potential security vulnerability has been identified with HP-UX running TCP/IP (IPv4). This vulnerability could be remotely exploited to cause a Denial of Service (DoS). (HPSBUX01137 SSRT5954)
    last seen 2019-02-21
    modified 2018-07-12
    plugin id 19362
    published 2005-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19362
    title HP-UX PHNE_32606 : s700_800 11.23 cumulative ARPA Transport patch
oval via4
  • accepted 2011-05-09T04:01:20.887-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:181
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.00 Path MTU Discovery Attack Vulnerability
    version 36
  • accepted 2014-03-24T04:01:16.817-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:196
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.11 Path MTU Discovery Attack Vulnerability
    version 39
  • accepted 2011-05-16T04:02:25.416-04:00
    class vulnerability
    contributors
    • name Matthew Burton
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family windows
    id oval:org.mitre.oval:def:2188
    status accepted
    submitted 2005-04-22T12:00:00.000-04:00
    title Win2k Path MTU Discovery Attack Vulnerability
    version 36
  • accepted 2011-05-16T04:02:54.455-04:00
    class vulnerability
    contributors
    • name Matthew Burton
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Brendan Miles
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family windows
    id oval:org.mitre.oval:def:3826
    status accepted
    submitted 2005-08-18T04:00:00.000-04:00
    title WinXP Path MTU Discovery Attack Vulnerability
    version 39
  • accepted 2014-03-10T04:00:50.464-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:405
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.23 Path MTU Discovery Attack Vulnerability
    version 39
  • accepted 2008-09-08T04:00:22.253-04:00
    class vulnerability
    contributors
    name Yuzheng Zhou
    organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family ios
    id oval:org.mitre.oval:def:5386
    status accepted
    submitted 2008-05-26T11:06:36.000-04:00
    title Multiple Vendor ICMP Path MTU Discovery Connection Degradation DoS Vulnerability
    version 3
  • accepted 2014-03-24T04:01:52.274-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:651
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.11 or 11.23 Path MTU Discovery Attack Vulnerability
    version 38
  • accepted 2013-09-02T04:05:56.681-04:00
    class vulnerability
    contributors
    • name Matthew Burton
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Dragos Prisaca
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family windows
    id oval:org.mitre.oval:def:780
    status accepted
    submitted 2005-08-18T04:00:00.000-04:00
    title Server 2003 Path MTU Discovery Attack Vulnerability
    version 39
  • accepted 2011-05-09T04:01:48.788-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations, when using Path MTU (PMTU) discovery (PMTUD), allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via forged ICMP ("Fragmentation Needed and Don't Fragment was Set") packets with a low next-hop MTU value, aka the "Path MTU discovery attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:899
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.04 Path MTU Discovery Attack Vulnerability
    version 36
refmap via4
bid 13124
cisco 20050412 Crafted ICMP Messages Can Cause Denial of Service
hp
  • HPSBTU01210
  • HPSBUX01164
  • SSRT4743
  • SSRT4884
misc
ms MS05-019
sco SCOSA-2006.4
secunia 18317
sreason
Last major update 17-10-2016 - 22:51
Published 12-04-2004 - 00:00
Last modified 19-10-2018 - 11:30
Back to Top