ID CVE-2004-0790
Summary Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
References
Vulnerable Configurations
  • cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp3:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp4:*:fr:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2003_server:r2:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_98:*:gold:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_98se:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_me:*:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:*:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp1:64-bit:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp1:tablet_pc:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:tablet_pc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.7:*:*:*:*:*:*:*
  • cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
    cpe:2.3:o:sun:sunos:5.8:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 30-10-2018 - 16:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
oval via4
  • accepted 2014-03-24T04:00:12.352-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Nabil Ouchn
      organization Security-Database
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:1177
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.11 Blind Connection Reset Attack Vulnerability
    version 38
  • accepted 2011-05-09T04:01:19.783-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:176
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.00 Blind Connection Reset Attack Vulnerability
    version 36
  • accepted 2011-05-16T04:02:04.059-04:00
    class vulnerability
    contributors
    • name Matthew Burton
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Dragos Prisaca
      organization Gideon Technologies, Inc.
    • name Brendan Miles
      organization The MITRE Corporation
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family windows
    id oval:org.mitre.oval:def:1910
    status accepted
    submitted 2005-08-18T04:00:00.000-04:00
    title WinXP Blind Connection Reset Attack Vulnerability
    version 39
  • accepted 2014-03-10T04:00:34.539-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:211
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.23 Blind Connection Reset Attack Vulnerability
    version 40
  • accepted 2011-05-16T04:02:47.049-04:00
    class vulnerability
    contributors
    • name Matthew Burton
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family windows
    id oval:org.mitre.oval:def:3458
    status accepted
    submitted 2005-04-22T12:00:00.000-04:00
    title Win2k Blind Connection Reset Attack Vulnerability
    version 36
  • accepted 2011-05-09T04:01:32.572-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Todd Dolinsky
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:412
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.04 Blind Connection Reset Attack Vulnerability
    version 36
  • accepted 2013-09-02T04:05:46.405-04:00
    class vulnerability
    contributors
    • name Matthew Burton
      organization The MITRE Corporation
    • name John Hoyland
      organization Centennial Software
    • name Sudhir Gandhe
      organization Telos
    • name Shane Shaffer
      organization G2, Inc.
    • name Dragos Prisaca
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family windows
    id oval:org.mitre.oval:def:4804
    status accepted
    submitted 2005-08-18T04:00:00.000-04:00
    title Server 2003 Blind Connection Reset Attack Vulnerability
    version 39
  • accepted 2014-03-24T04:01:39.608-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Shane Shaffer
      organization G2, Inc.
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:514
    status accepted
    submitted 2006-09-22T05:48:00.000-04:00
    title HP-UX 11.11, 11.23 Blind Connection Reset Attack Vulnerability
    version 39
  • accepted 2011-05-09T04:01:36.564-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Jeff Ito
      organization Secure Elements, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    definition_extensions
    • comment Microsoft Windows XP SP1 (32-bit) is installed
      oval oval:org.mitre.oval:def:1
    • comment Microsoft Windows XP SP2 or later is installed
      oval oval:org.mitre.oval:def:521
    • comment Microsoft Windows XP SP1 (64-bit) is installed
      oval oval:org.mitre.oval:def:480
    • comment Microsoft Windows Server 2003 (x86) Gold is installed
      oval oval:org.mitre.oval:def:165
    • comment Microsoft Windows Server 2003 SP1 (x86) is installed
      oval oval:org.mitre.oval:def:565
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family windows
    id oval:org.mitre.oval:def:53
    status accepted
    submitted 2006-10-11T05:29:41
    title Windows XP, Windows Server 2003 Blind Connection Reset Attack Vulnerability
    version 42
  • accepted 2011-05-09T04:01:38.771-04:00
    class vulnerability
    contributors
    • name Robert L. Hollis
      organization ThreatGuard, Inc.
    • name Nabil Ouchn
      organization Security-Database
    • name Matthew Wojcik
      organization The MITRE Corporation
    • name Pai Peng
      organization Opsware, Inc.
    • name Shane Shaffer
      organization G2, Inc.
    description Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
    family unix
    id oval:org.mitre.oval:def:622
    status accepted
    submitted 2006-09-22T05:52:00.000-04:00
    title Solaris 8, 9, 10 Blind Connection Reset Attack Vulnerability
    version 36
refmap via4
bid 13124
hp
  • HPSBST02161
  • HPSBTU01210
  • HPSBUX01164
  • SSRT061264
  • SSRT4743
  • SSRT4884
misc
ms
  • MS05-019
  • MS06-064
sco SCOSA-2006.4
secunia
  • 18317
  • 22341
sreason
sunalert
  • 101658
  • 57746
vupen ADV-2006-3983
Last major update 30-10-2018 - 16:26
Published 12-04-2005 - 04:00
Back to Top