CVE-2005-3675 - The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwi

CVE-2005-3675

Summary

The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by sending ACK messages for packets that have not yet been received (optimistic ACKs), which can cause the sender to increase its transmission rate until it fills available bandwidth.

References

http://www.cs.umd.edu/~capveg/optack/optack-extended.pdf
http://www.kb.cert.org/vuls/id/102014
http://www.securityfocus.com/bid/15468/
https://exchange.xforce.ibmcloud.com/vulnerabilities/23055

Vulnerable Configurations

cpe:2.3:a:tcp:tcp:*:*:*:*:*:*:*:*
cpe:2.3:a:tcp:tcp:*:*:*:*:*:*:*:*

CVSS

Base:	7.8 (as of 11-07-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:C

refmap via4

bid	15468
cert-vn	VU#102014
misc	http://www.cs.umd.edu/~capveg/optack/optack-extended.pdf
xf	tcp-congestion-control-dos(23055)

Last major update

11-07-2017 - 01:33

Published

18-11-2005 - 23:03

Last modified

11-07-2017 - 01:33